How to find all DNS records

When I use dig to find my DNS records, it doesn’t show any SRV or CNAME records. I have tried other services like ultradns.com or securitytrails.com. I may get some but not all.

Now, If I go to CloudFlare and setup a new domain that has its DNS at another registrar, CloudFlare is able to find every single record of every type. How does CloudFlare do this? Is there another tool I can use to get all the records?

1 Like

No, absolutely not. If you want to ensure you have every record, you should import a BIND file form your existing DNS provider.

We scan for a couple thousand common records and record types. It generally works fine for a simple personal domain, but anything even moderately complex will likely result in a number of missed records. Importing a BIND file is highly recommended.

OK, I guess because I have worked with domains with small files it seems that CloudFlare finds them all. But how is it that CloudFlare can find the TXT, CNAME and dig and other services can’t find them?

Probably the service isn’t querying for them, is querying for the wrong thing or the query is malformed. It’s DNS, so either the record exists or it doesn’t for the most part…

Cloudflare makes a ton of guesses, of all different record types. It’s actually pretty obvious if you have access to the authoritative server’s logs.

The impressive part is the list itself, but this makes sense as Cloudflare hosts a massive number of domains and probably used that (or other public query data) to build such a list themselves.

2 Likes

My understanding is that we did some basic statistical analysis of ‘most common’ records, but we also added in some of our own analysis of what records are ‘importanter’. And then some logic that if this record type exists, we should probably look for these other related records as well.

But that is my vague recollection + a number of quasi-reasonable assumptions based on what I would want (and the certainty our teams are smarter than I am).

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.