Work in progress!

Follow IntoDNS on Twitter


Category Status Test name Information
Parent Info Domain NS records Nameserver records returned by the parent servers are:

a.iana-servers.net.   ['199.43.132.53']   [TTL=172800]
b.iana-servers.net.   ['199.43.133.53']   [TTL=172800]

b.gtld-servers.net was kind enough to give us that information.
Pass TLD Parent Check Good. b.gtld-servers.net, the parent server I interrogated, has information for your TLD. This is a good thing as there are some other domain extensions like "co.us" for example that are missing a direct check.
Pass Your nameservers are listed Good. The parent server b.gtld-servers.net has your nameservers listed. This is a must if you want to be found as anyone that does not know your DNS servers will first ask the parent nameservers.
Pass DNS Parent sent Glue Good. The parent nameserver sent GLUE, meaning he sent your nameservers as well as the IPs of your nameservers. Glue records are A records that are associated with NS records to provide "bootstrapping" information to the nameserver.(see RFC 1912 section 2.3)
Pass Nameservers A records Good. Every nameserver listed has A records. This is a must if you want to be found.
NS Info NS records from your nameserversNS records got from your nameservers listed at the parent NS are:

a.iana-servers.net  ['199.43.132.53']   [TTL=172800]
b.iana-servers.net  ['199.43.133.53']   [TTL=172800]

Pass Recursive Queries Good. Your nameservers (the ones reported by the parent server) do not report that they allow recursive queries for anyone.
Pass Same Glue The A records (the GLUE) got from the parent zone check are the same as the ones got from your nameservers. You have to make sure your parent server has the same NS records for your zone as you do according to the RFC. This tests only nameservers that are common at the parent and at your nameservers. If there are any missing or stealth nameservers you should see them below!
Information Glue for NS records INFO: GLUE was not sent when I asked your nameservers for your NS records.This is ok but you should know that in this case an extra A record lookup is required in order to get the IPs of your NS records. The nameservers without glue are:
199.43.132.53
You can fix this for example by adding A records to your nameservers for the zones listed above.
Pass Mismatched NS records OK. The NS records at all your nameservers are identical.
Pass DNS servers responded Good. All nameservers listed at the parent server responded.
Pass Name of nameservers are valid OK. All of the NS records that your nameservers report seem valid.
Pass Multiple Nameservers Good. You have multiple nameservers. According to RFC2182 section 5 you must have at least 3 nameservers, and no more than 7. Having 2 nameservers is also ok by me.
Pass Nameservers are lame OK. All the nameservers listed at the parent servers answer authoritatively for your domain.
Pass Missing nameservers reported by parent OK. All NS records are the same at the parent and at your nameservers.
Pass Missing nameservers reported by your nameservers OK. All nameservers returned by the parent server b.gtld-servers.net are the same as the ones reported by your nameservers.
Pass Domain CNAMEs OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
Pass NSs CNAME check OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
Pass Different subnets OK. Looks like you have nameservers on different subnets!
Pass IPs of nameservers are public Ok. Looks like the IP addresses of your nameservers are public. This is a good thing because it will prevent DNS delays and other problems like
Pass DNS servers allow TCP connection OK. Seems all your DNS servers allow TCP connections. This is a good thing and useful even if UDP connections are used by default.
Pass Different autonomous systems OK. It seems you are safe from a single point of failure. You must be careful about this and try to have nameservers on different locations as it can prevent a lot of problems if one nameserver goes down.
Pass Stealth NS records sent Ok. No stealth ns records are sent
SOA Info SOA recordThe SOA record is:
Primary nameserver: sns.dns.icann.org
Hostmaster E-mail address: noc.dns.icann.org
Serial #: 2014091611
Refresh: 7200
Retry: 3600
Expire: 1209600   2 weeks
Default TTL: 3600
Pass NSs have same SOA serial OK. All your nameservers agree that your SOA serial number is 2014091611.
Warn SOA MNAME entry WARNING: SOA MNAME (sns.dns.icann.org) is not listed as a primary nameserver at your parent nameserver!
Pass SOA Serial Your SOA serial number is: 2014091611. This appears to be in the recommended format of YYYYMMDDnn.
Pass SOA REFRESH OK. Your SOA REFRESH interval is: 7200. That is OK
Pass SOA RETRY Your SOA RETRY value is: 3600. Looks ok
Pass SOA EXPIRE Your SOA EXPIRE number is: 1209600.Looks ok
Pass SOA MINIMUM TTL Your SOA MINIMUM TTL is: 3600. This value was used to serve as a default TTL for records without a given TTL value and now is used for negative caching (indicates how long a resolver may cache the negative answer). RFC2308 recommends a value of 1-3 hours. Your value of 3600 is OK.
MX Error MX RecordsOh well, I did not detect any MX records so you probably don't have any and if you know you should have then they may be missing at your nameservers!
WWW Info WWW A Record Your www.example.com A record is:
www.example.com  [93.184.216.119] 
Pass IPs are public OK. All of your WWW IPs appear to be public IPs.
Pass WWW CNAME OK. No CNAME

Processed in 0.486 seconds.