When I run the following dig command on www.google.com with the +nssearch option I get no results:
mac$ dig www.google.com +nssearch
mac$
Can someone explain why no data is returned here? The +nssearch option reads the SOA of all the authoritative name servers I believe. Does this mean there are no authoritative name servers? How is that possible? The domain www.google.com obviously works so I was expecting some sort of result.
On
; <<>> DiG 9.9.5-3ubuntu0.2-Ubuntu <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40522
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 20 IN A 74.125.196.106
www.google.com. 20 IN A 74.125.196.104
www.google.com. 20 IN A 74.125.196.99
www.google.com. 20 IN A 74.125.196.147
www.google.com. 20 IN A 74.125.196.105
www.google.com. 20 IN A 74.125.196.103
;; Query time: 2 msec
;; SERVER: 192.168.186.1#53(192.168.186.1)
;; WHEN: Wed Jun 17 17:17:37 CDT 2015
;; MSG SIZE rcvd: 139
From "man dig":
+[no]nssearch When this option is set, dig attempts to find the authoritative name servers for the zone containing the name being looked up and display the SOA record that each name server has for the zone.
Since there's no authority section in the response, +nssearch is going to return nothing.
www.google.comis not a zone, but a name in a zone. Therefore it doesn't have any NS records (or SOA records) for dig to display. Try dropping thewww.bit and you'll get more output.