Into DNS Description

IntoDNS checks the health and configuration and provides DNS report and mail servers report. It also provides suggestions to fix and improve them, with references to protocols’ official documentation.

www.intodns.com

Please enter the Domain Name that you wants to check the DNS report

While we checked a domain name with intodns we get a detailed report about DNS report. The detailed DNS report are divided into five major sections.

The five major sections are below

1) Parent

2) NS – Name Server

3) SOA – Start of Authority

4) MX – Mail Exchanger Record

5) www

1) Parent Servers

The output of dns report for your domain, shows the NS records at the parent server.

Parent Server are the original authenticate servers from which the new domain arise.For example in google.com the parent server of com is the root server(.) The parent server of google is .com

 

a) Domain NS records

It is the name server output returned by the parent servers (ie,when we check a domain name it forward a request to 13 root name servers ranges from A to M. The root servers has all the updated details from the registrant end.)

OUTPUT

We can see any 2 or 3 nameserver name,its ip and Time to live (TTL) value.

Time to live (TTL) is a mechanism that limits the lifespan of data in a computer or network. When a caching (recursive) nameserver queries the authoritative nameserver for a resource record, it will cache that record for the time (in seconds) specified by the TTL. If a stub resolver queries the caching nameserver for the same record before the TTL has expired, the caching server will simply reply with the already cached resource record rather than retrieve it from the authoritative nameserver again.

The corresponding name of the root nameserver from which the request domain query executed in the output.

b) TLD Parent Check

We can also display the result of Top Level Domain check in the parent server that we interrogated,(ie,the output from any 13 root nameserver form which the request domain query executed)

c) Your nameservers are listed

In this entry it check whether the parent server (ie,the output from any 13 root nameserver form which the request domain query executed) has your nameservers entry.

d) DNS Parent sent Glue

A glue record is a hint that is provided by the parent DNS server. In the case of shibin.com, the .com GLTD (Global Top Level Domain) servers would provide the glue records. The glue records are simply additional A records that are returned with the DNS response. These additional A records allow the DNS client to locate the name servers.

A glue record is the IP address of a name server held at the domain name registry.
Glue records are required when you wish to set the of a domain name to a hostname
under the domain name itself.
For example if you wished to set the name servers of example.com to ns1.example.com and ns2.example.com you would need to also provide the glue records (i.e. the IP addresses) for ns1.example.com and ns2.example.com.

If you did not provide the glue records for these name servers then your domain name would not work as anyone requiring DNS information for it would get stuck in a loop:

What is the name server for example.com? -> ns1.example.com
What is the IP address of ns1.example.com? -> don’t know, try looking at name server for example.com
What is the name server for example.com? -> ns1.example.com

…and so on.

With the glue record in place the registry will hold the IP address and the loop will not occur:

Without a proper glue an extra A record lookup is required in order to get the IPs of your NS records.

e) Nameservers A records

This must check every nameserver listed in parent server has A records.

A record is the actual record that which one and only IP address at which the domain pointed.

2) NS – Name Server

In this section the output will get from name server end

 

a) NS records from your nameservers

NS records got from your nameservers listed at the parent NS

 

b) Recursive Queries

A recursive query is one where the DNS server will fully answer the query (or give an error).

 

c) Same Glue

The A records (the GLUE) got from the parent zone check are the same as the ones got from your nameservers.This tests only nameservers that are common at the parent and at your nameservers.

d) Glue for NS records

When I asked your nameservers for your NS records they also returned the A records for the NS records. This is a good thing as it will spare an extra A lookup needed to find those A records.

e) Mismatched NS records

This will check whether identical ns record at our nameservers entry. Identical name server is okay

f) DNS servers responded

Check whether all nameservers listed at the parent server responded.

 

e) Name of nameservers are valid

Check all our name servers have a specific IP

f) Multiple Nameservers

Check all our multiple name server is okay. We can add multiple nameservers upto 7

g) Nameservers are lame

Checking all the name servers entry in parent server answer authoritatively

h) Missing nameservers reported by parent

Comparing ns record in parent and nameservers.

i) Missing nameservers reported by your nameservers

Its also the same comparision

j) Domain CNAMEs

Check whether any CNAME is present in the ns record.

k) NS CNAME check

Check whether any CNAME is present in the ns record.

l) Different subnets

Check whether nameservers have different subnets.

m) IPs of nameservers are public

To prevent DNS delay the ip address may be public.In this section it check whether the ip address is public.

n) DNS servers allow TCP connection

Checking whether DNS servers allow TCP connections.

 

 

o) Different autonomous systems

In this section it will check whether the name servers are from different location. So that it can prevent a lot of problems if one nameserver goes down.

p) Stealth NS records sent

A stealth server is defined as being a name server which does not appear in any publicly visible NS record for the domain.

3) SOA

(Start of Authority) Record is the most essential part of a Zone file. A Zone file can contain only one SOA Record.The SOA resource record indicates that this DNS name server is the best source of information for the data within this DNS domain.

A properly optimized and updated SOA record can reduce bandwidth between nameservers, increase the speed of website access and ensure the site is alive even when the primary DNS server is down.

a) SOA record

It display the following details

Primary nameserver: This is the zone’s master DNS server

Hostmaster E-mail address: This record specifies the email address of the person/authority that is in charge of managing the domain name

Serial #:whenever a change to the zone file on the master DNS server is changed, the serial number must be increased by some value.That way, any slave server will know that an update has been made

Refresh:This value is configured to point the period at which the secondary or slave servers should poll the master server to check if the serial number of the zone file has been modified.

Retry: A value, typically an hour or less, that specifies the timeframe within which the slave server should repeat the update request, if the master DNS server for the zone has failed to answer its latest query

Expire: The ‘Expire’ value outlines the period of time for which the slave server will continue to use the existing data in case of a failure of the master DNS server.

Default TTL: TTL Negative responses (typically occurring when a requested record does not exist) can be also cached on non-authoritative servers. Small time periods are recommended (15min to 2h).

 

b) NSs have same SOA serial

Check whether SOA serial may changed.

 

c) SOA MNAME entry

Checking whether both nameserver and parent server has the same MNAME entry

d) SOA Serial

Check whether the serial number is in recommended format of YYYYMMDDnn.

e) SOA REFRESH

Check the refresh rate

f) SOA RETRY

Check the SOA RETRY value

g) SOA EXPIRE

Check the SOA EXPIRE number

h) SOA MINIMUM TTL

This value was used to serve as a default TTL for records without a given TTL value and now is used for negative caching (indicates how long a resolver may cache the negative answer)

3)MX

a) MX Records

Your MX records that were reported by your nameservers

b) Different MX records at nameservers

Checking all your nameservers have the same set of MX records.This tests to see if there are any MX records not reported by all your nameservers and also MX records that have the same hostname but different Ips.

c)MX name validity

Checking result of invalid hostnames for your MX records

d) MX IPs are public

Checking The Ip are public.

e) MX CNAME Check

Checking the canonical name.

f) MX A request returns CNAME

Checking whether CNAMEs returned for A records lookups.

g) MX is not IP

Checking MX records are host names or IP. MX entry will be a hostname is an necessity.

h) Number of MX records

Checking the number of mail servers.You should be careful about what you are doing since you have a single point of failure that can lead to mail being lost if the server is down for a long time.

i)Mismatched MX A

Checking MX has different A record.

j) Duplicate MX A records

Checking duplicate IP(s) for your MX records.

h) Reverse MX A records (PTR)

Used to reveres map IP addresses to a FQDN. Checking whether Reverse MX A records exist.

4) WWW

a) WWW A Record

Checking Whether we have a CNAME.

b) IPs are public

Checking whether WWW IPs appear to be public IPs.

c) WWW CNAME

Checking CNAME entry will returns the A record for the CNAME entry