Can a registered domain name have no DNS records at all?

TL;DR It's extremely unlikely (though not technically impossible) that a properly registered domain would have zero* DNS records. The existence of the domain must be announced to the global DNS system by an update provided by the domain registrar. Failure by the Registrar to provide this update would constitute failure to perform the duty delegated to them by the IANA.


At minimum, every domain has one or more DNS glue records

When a domain is registered, the Domain Registrar sends an update to the generic Top-Level Domain (gTLD) servers responsible for the TLD in question. For example, registering the domain example.com triggers an update to the .com gTLD servers, which are operated by VeriSign.

This update includes the authoritative name server (NS) records from the domain's WHOIS data. The gTLD server then creates a DNS glue record for the domain pointing to the authoritative name servers. These glue records are what enable the gTLD servers to refer incoming queries to the authoritative name servers for the domain.

Therefore, unless the domain registrar fails to perform the duty delegated to them by IANA, a lookup against any registered domain will return the authoritative name server records for that domain.

Then why aren't lookups for 00000onlinecasino.com returning any records?

It appears that everything has taken place as described above; in other words, this domain's registrar (NameBright.com) has created the required WHOIS entry and submitted the NS records to the .COM gTLD servers. I confirmed this as follows by running nslookup set to query for NS records:

C:\> nslookup -q=ns 00000onlinecasino.com
Server:  my-dns-server.internal.local
Address:  192.168.168.1

Non-authoritative answer:
00000onlinecasino.com   nameserver = n2.juming.com
00000onlinecasino.com   nameserver = n1.juming.com

n2.juming.com   internet address = 112.253.3.26
n2.juming.com   internet address = 121.14.157.13
n1.juming.com   internet address = 121.14.157.13
n1.juming.com   internet address = 220.181.135.142

I also used this handy Glue Record checker from MeBSD.com which confirmed the results:

enter image description here

However, the same query when performed against any of these name servers is returning an error:

C:\> nslookup -q=ns 00000onlinecasino.com n1.juming.com
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  220.181.135.142

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out

Since these servers are authoritative for this domain, they should at least know about it and identify themselves as the NS records for the domain! Given this, it's clear that these NS servers have been mis-configured.


*I must allow that the definition of "zero DNS records" is open to interpretation. As demonstrated by this question's test case, the authoritative name servers aren't responding, giving cause to the argument that the domain has no records. However, I prefer the view that a domain's glue records are essentially the "other half" of a domain's NS records. After all without the glue records, any attempts to look up the authoritative name servers for a domain would result in the circular instruction to, "go ask [insert name server here]."

More Information

  • What is a glue record? from ServerFault
  • ServerFault answer explaining Authoritative NS records, glue records, and gTLD servers
  • Domain Name System on Wikipedia
  • Me, BSD online Glue Record lookup tool

Yes. There are multiple ways this can happen.

To start, let's review how DNS lookup works for a record like www.example.com:

  • The DNS resolver contacts a root nameserver, which responds with a delegation to the com TLD nameservers.

  • The resolver contacts a com TLD nameserver, which responds with a delegation to the registered nameservers for example.com.

  • The resolver contacts one of the registered nameservers for example.com, which responds with the records for www.example.com.


First: the nameservers for example.com could have deleted all records for example.com. While domain servers are supposed to always have certain records (including SOA and NS records) available for a domain, there is nothing in practice which forces them to do so. A domain missing these records may not work properly with some resolvers, but if the domain has no DNS records anyways there's no practical difference.

Second: the nameservers for example.com could reject or fail to respond to queries. The DNS records only exist within these nameservers, so if the nameservers aren't responding with the records, the records effectively don't exist.

Third: the com registry could suspend the registration for example.com, e.g. if the domain registration lapsed. This would cause the com nameservers to stop returning a delegation to the example.com nameservers, making any records there unavailable. Just as before, if the records aren't accessible, they might as well not exist.


There are 2 parts to registering the domain - getting it allocated by the registry and setting up DNS.

For most (all?) domains, DNS entries need to be provided for the domain to be registered (different tlds have different requirements but most require a minimum of 2 dns servers be specified). Often, however, there is no requirement that these nameservers are valid, do you can get away with putting anything in these fields.

The second part is setting up the zone on nameservers. Generally it's possible to leave this step out when registering a domain name, but most registrars will set something up here as part of your registration.

So, no, it's not possible to not specify any nameservers in most cases, but the specified nameservers font need to work. In this case, whois (which queries the registrar database) will generally show the nameservers but dig/nslookup (which relies on DNS working) won't.

Tags:

Dns

Domain