Building a nameserver, Google won't recognise our records?

cn flag

We're building an experimental nameserver in Python, using the standard dnslib library.

It appears to work, we have delegated a test subdomain, to it, and it serves the expected answers for the records in its config file.

Using the venerable DNS checker shows no faults and perfect resolution. Other major DNS test tools also report all is well with the subdomain.

Cloudflare's public resolver at happily serves our records when asked.

However Google's public DNS at / return blank records for all queries for the subdomain.

Using the test tools provided at, if I try and look up say the NS records, this is what it shows - it seems to think no answer is being returned.

  "Status": 0 /* NOERROR */,
  "TC": false,
  "RD": true,
  "RA": true,
  "AD": false,
  "CD": false,
  "Question": [
      "name": "",
      "type": 2 /* NS */
  "Comment": "Response from"

However when I do a dig at that IP (which is the host, one of the two authoritative servers for the subdomain), the expected data is returned:

:~> dig @ ns

; <<>> DiG 9.9.4-rpz2.13269.14-P2 <<>> @ ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15616
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;      IN      NS

;; ANSWER SECTION: 3600  IN      NS 3600  IN      NS

;; Query time: 17 msec
;; WHEN: Sat Jul 08 15:40:27 BST 2023
;; MSG SIZE  rcvd: 78

The delegation is being done complete with glue records, as is normal:

:~> dig a

;      IN      NS

;; AUTHORITY SECTION: 3600  IN      NS 3600  IN      NS

;; ADDITIONAL SECTION:     1812    IN      A     1812    IN      A

I'm guessing the server is failing to set or serve something, but not sure what?

pt flag
I'm not sure I understand your question. It looks like the NS records resolve correctly (, and the A record resolves correctly as well (
Pyromancer avatar
cn flag
Sorry for not updating earlier, we eventually found and fixed the problem - Google seem to randomly uppercase characters in the query string and we'd neglected to lowercase the incoming queries, to math the config file format. This resulted in a mismatch and hence no data returned.
cn flag

Problem identified and solution found.

It turns out that Google's DNS randomly capitalises letters in the DNS query when looking up answers on authoritative servers. Which meant that when asked for "", by a dig or using the test we interface, what they actually asked our server for would be (for example) "mIdsUMmer.beLtAINe.Co.uK". I know DNS is meant to be case-insensitive but we'd neglected to lowercase the incoming queries, so when the script compared what it received with the data from its config (which is lowercase), there was no match.

Adding the code to lowercase the received query solved the problem and the test subdomain is now being served correctly.

This was the missing code:

qname = str(request.q.qname).lower()  # Convert to lowercase

Which just goes to show always check the basics before assuming something esoteric is happening. The problem was found by doing a tcpdump on the incoming interface and port, which showed the randomly capitalised queries.

I sit in a Tesla and translated this thread with Ai:


Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.