Validate DNS is Working Properly

If you haven't already...
Set up an Affiliate Account or Set up a Small Business account.
Posted on November 22, 2017 by admin under General
Leave a comment

This post is a procedure for testing the DNS services at quantumleaps.com.

The same process should work for your system, just change the domain name as needed.

We want to verify that the DNS records we created in the ISPConfig — Setup DNS Zone post. In that post we created the quantumleaps.com domain and added 10 separate records.

  • mail
  • ns1
  • ns2
  • quantumleaps.com. (a domain entry for default purposes)
  • www (Not strictly needed, but i like to have them just cause.
  • NS records for the name server entries.
  • MX record for mail services.

To test the server, we will use an nslookup program run on a windows system.

  1. Open a windows command prompt.
  2. Type nslookup and press enter.
  3. Type server <ip address> and press enter.
    • <ip address> is the ip address of the dns server being tested. You can even enter the name if it is resolvable.
  4. Type set querytype=A and press enter.
  5. Type mail.quantumleaps.com and press enter. (You should get something like the below as output.)
    • Name: mail.quantumleaps.com
    • Address: 107.144.115.83
  6. Repeat the previous step for the remaining A records of www, ns1, ns2, and quantumleaps.com.
  7. Type set querytype=NS and press enter. This tells the server we are looking specifically for NS records.
  8. Type quantumleaps.com and press enter. This queries the server for all NS records for the quantumleaps.com domain. The results should be similar to the below which lists the NS records and the A records to which they point.
    • quantumleaps.com nameserver = ns1.quantumleaps.com
    • quantumleaps.com nameserver = ns2.quantumleaps.com
    • ns1.quantumleaps.com internet address = 107.144.115.83
    • ns2.quantumleaps.com internet address = 107.144.115.84
  9. Type set querytype=MX and press enter. This tells the server we are looking for MX records.
  10. Type quantumleaps.com and press enter. As stated above this will list the MX record(s) and the A records to which they point, as below. On my system, it also prints the NS records. Not sure if that is an nslookup bug or if that is what it should display.
    • quantumleaps.com MX preference = 10, mail exchanger = mail.quantumleaps.com
    • quantumleaps.com nameserver = ns2.quantumleaps.com
    • quantumleaps.com nameserver = ns1.quantumleaps.com
    • mail.quantumleaps.com internet address = 107.144.115.83
    • ns1.quantumleaps.com internet address = 107.144.115.83
    • ns2.quantumleaps.com internet address = 107.144.115.84

If your results are similar, you can be assured that your dns is working properly. Lets do a couple more tests though to be sure. If you followed the ISPConfig3 — Add SPF Record post, then you added an SPF record to DNS. Additionally, if you followed the ISPConfig — Setup Email Domain post, then you added a DKIM record as well. Lets test to see those records.

In our nslookup utility, it should be open from earlier in this post, do the following.

  1. Type set querytype=TXT and press enter. This tells the server that we are only looking for TXT records.
  2. Type quantumleaps.com and press enter. You should see the spf record for the domain.
    • quantumleaps.com text =
    • “v=spf1 ip4:107.144.115.82 -all”

But wait you say, where is the DKIM key? I know I added it.

Well, it turns out that DKIM keys have a special format for hte host name entry, so the key is not for quantumleaps, but for a specific subdomain. The format is…

  • <uniq_identifier>_domainkey.<domain>.
    • The <uniq_identifier> is any string and by default, is “default”.
    • _domainkey is a literal.
    • <domain> is your domain.

Since we left the unuq_identifier as “default”, our records host name is default._domainkey.quantumleaps.com.

So, now do the same procedure but specify the default._domainkey.quantumleaps.com as the host name.

  1. Type set querytype=TXT and press enter. This tells the server that we are only looking for TXT records.
  2. Type default._domainkey.quantumleaps.com and press enter. You should see the spf record for the domain.

And wallah, you should see output like this.

default._domainkey.quantumleaps.com text =

"v=DKIM1; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC34Z6eXm/1mKd/gTY
cZ5YoN8RI8u89seS3JSegu/5bnKFzzx+eFcW9r3irJ9CXUBmMofKDBABuy18PvQJxmbNDLPE+9GTp7b0
Jbn6UQ5azbPMafVU8OAHPZcMPE9B7PB4FY5DmS21/rJ03lWi2cKFuMKo2EI9Rh2s7U9Wm8aa+iwIDAQA
B"

If you had any errors while executing this procedure, review your DNS configuration.

Leave a Reply

Please Login to comment
  Subscribe  
Notify of