Web Server Rescue
Risk: safeCompare Authoritative Nameserver Answers
A domain has multiple authoritative nameservers and you need to see whether they return the same edge IP.
Command
for ns in $(dig +short NS edge.test); do printf '%s ' "$ns"; dig @"$ns" +short edge.test A; done
Before you run this
Risk: safe. Do not edit zone data from this output alone; confirm which provider owns the live zone.
Expected output
Each authoritative nameserver followed by its A record answer.
System impact
Nothing changes. The command lists NS records and asks each nameserver for the A record.
Recovery / rollback: no state is changed.
When to use it
Use when propagation looks inconsistent even after recursive caches should have expired.
When not to use it
Do not edit zone data from this output alone; confirm which provider owns the live zone.
Watch this command run
Example output from a temporary Linux lab
This example uses disposable sample files and sanitized output so you can inspect the shape of the result before touching a real system.
$ dig +short NS example.com
example.com.
example.com.
$ for ns in $(dig +short NS example.com); do printf '%s ' "$ns"; dig @"$ns" +short example.com A; done
example.com. 203.0.113.10
example.com. 198.51.100.44
View reproducible demo details
This page shows the sanitized shell transcript and the setup steps needed to reproduce the example.
Lab setup steps
dig +short NS edge.testfor ns in $(dig +short NS edge.test); do printf '%s ' "$ns"; dig @"$ns" +short edge.test A; done
next steps
Related commands
Compare DNS Answers Across Resolvers
One resolver can still have the old edge IP while another has the new one.
for r in 1.1.1.1 8.8.8.8 9.9.9.9; do printf '%s ' "$r"; dig @"$r" +short edge.test A; done
Compare A and AAAA Records
IPv4 worked. IPv6 sent users to a different edge.
printf 'A '; dig +short edge.test A; printf 'AAAA '; dig +short edge.test AAAA
Check CAA Certificate Issuers
The certificate request failed because DNS allowed the wrong issuer.
dig +short edge.test CAA
Check the WWW CNAME Target
The apex was right. The www name pointed through a different path.
dig +short www.edge.test CNAME
Show the DNS Answer TTL
The fix was correct. The TTL explained why users still saw the old edge.
dig +noall +answer edge.test A
Study mapping
Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.
Useful for
- LPIC-1 style command-line practice
- LFCS style performance tasks
- Linux+ style troubleshooting review
Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.