For some domains nslookup gives me a Non-authoritative answer section. What does this mean?

Got answer:
        opcode = QUERY, id = 3, rcode = NXDOMAIN
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional =

    QUESTIONS:, type = AAAA, class = IN
    ->  (root)
        ttl = 1787 (29 mins 47 secs)
        primary name server =
        responsible mail addr =

Non-authoritative answer:

Best Answer

It's essentially what it says An authoritative answer comes from a nameserver that is considered authoritative for the domain which it's returning a record for (one of the nameservers in the list for the domain you did a lookup on), and a non-authoritative answer comes from anywhere else (a nameserver not in the list for the domain you did a lookup on).

It's basically a distinction between a nameserver that's an official nameserver for the domain you're querying and a nameserver that's not Nameservers that aren't authoritative are getting their answers second (or third or fourth...) hand - just relaying the information along from somewhere else.

So, for example, If I did an nslookup of right now, I would get a response from one of my configured nameservers. (Either from my ISP, or my domain.) It would come back as non-authoritative because neither my ISP's nameservers, nor my own are in the list of nameservers for . They aren't google's nameservers, so they're not the authoritative source that creates the ns records.

The list of authoritative nameservers for Google is below (from

Domain Name: GOOGLE.COM

Registrar: markmonitor inc.

Whois Server:

Name Server: NS1.GOOGLE.COM

Name Server: NS2.GOOGLE.COM

Name Server: NS3.GOOGLE.COM

Name Server: NS4.GOOGLE.COM

Updated Date: 20-jul-2011

Creation Date: 15-sep-1997

Expiration Date: 14-sep-2020

If I changed my configured DNS server to one of the ones in that list, and then did an nslookup against , I'd get an authoritative answer back. Those servers are the authority, (or source) for what are valid names in google's domains, and what aren't. All other nameservers non-authoritative nameservers get their records from authoritative server somewhere down the line