Tech/Protocols/DNS/DNS Checklist

From lathama
< Tech‎ | Protocols‎ | DNS
Jump to navigation Jump to search

DNS Checklist

  1. Name servers have glue records[a] setup via the registrar
  2. Base (apex) domain (@) and www point to the same IP(s)
  3. mail.example.com, nameservers.example.com return all the mail and name servers respectively
  4. SOA[b] email address works and is read by a human daily
  5. Name servers are on more than one subnet
  6. SOA serial is not date based
  7. Wildcard and or Generated answers for undefined PTR[c] records
  8. SPF TXT for "v=spf1 mx a -all"
  9. Registrar offers API to update glue records for mitigating DDOS[d]
  10. Documentation is easy to find
  11. Disaster recovery is tested on a schedule
a. https://en.wikipedia.org/wiki/Domain_Name_System#Circular_dependencies_and_glue_records
b. Start of Authority
c. https://en.wikipedia.org/wiki/Reverse_DNS_lookup
d. distributed denial-of-service attack
Retrieved from "https://lathama.net/index.php?title=Tech/Protocols/DNS/DNS_Checklist&oldid=249"