DNS plays an ever-crucial behind-the-scenes role on the internet. And here are some tools you can use to check if it’s working the way intended.
The phonebook of the internet (aka DNS) needs to work correctly for you to enjoy the internet.
And that’s just not true for an average internet user, but a misconfigured DNS can be catastrophic for any online business.
For instance, one can poison DNS records (aka Pharming attack) to send your users to phishing sites, doing irreparable reputation damage to your business.
The best way to remain alert is with DNS monitoring tools. Regardless, DNS monitoring is for the high-stakes project, and realistically, webmasters don’t give them a thought.
In most such cases, one can check the DNS health with these listed tools. It will help you troubleshoot (if required) and ensure safety for you and your users.
DNS Spy is a monitoring service that you can also use to generate an instant report detailing DNS connectivity, performance, security, etc.
These sections entail:
Connectivity: available nameservers and their response
Performance: nameservers response time
Security: checks for best practices for server location, domain name, DNSSEC, etc.
Records: mentions all publicly available DNS records
Besides, every report mentions the warnings, recommendations, and achievements for individual sections, which is excellent for resolving issues.
Within a split second, IntoDNS verifies significant DNS issues regarding nameservers, SOA, mail servers, and CNAME.
The report is generally very detailed, including nameservers’ IP, their response, NS records, etc., with comments. Besides, the report mentions SOA serial number, refresh interval, retry value, TTL, expire number, etc.
Additionally, you get to see the mail servers’ IPs, their validity, associated records, and any possible mismatch or duplication.
MXToolBox has hundreds of tests for your domain health, including vital DNS checks. Straightaway, you get what needs your attention at the top, followed by what’s working great.
Personally, I liked this approach as it takes the clutter out and serves the best in short. Besides, it also lists the possible remedies for course correction.
Moreover, you have tons of other checks, such as for blacklisting, server, and general domain hiccups.
dig, a DNS lookup utility, is available on UNIX-based operating systems to query the DNS from the terminal itself.
Dig has quick-to-memorize commands one can use to verify specific DNS records. It works to find out nameservers, mail servers, traceroute, reverse DNS lookup, and more.
Here is a simple query output:
root@trends:~# dig gf.dev
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> gf.dev
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28778
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;gf.dev. IN A
;; ANSWER SECTION:
gf.dev. 300 IN A 18.104.22.168
gf.dev. 300 IN A 22.214.171.124
;; Query time: 13 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Feb 23 19:27:49 UTC 2020
;; MSG SIZE rcvd: 67
In addition, one can get responses from particular servers about the DNS configurations and not rely on any single pre-decided server as with other tools.