View on GitHub

DNSViz: A DNS visualization tool

lidl

DNSSEC options (hide)
  1. |?|
  2. |?|
  3. |?|
  4. |?|
  5. |?|
  6. |?|
  7. |?|
Notices
DNSSEC Authentication Chain

RRset statusRRset status

Bogus (2)
  • lidl/NS
  • lidl/SOA

DNSKEY/DS/NSEC statusDNSKEY/DS/NSEC status

Bogus (3)
  • lidl/DNSKEY (alg 7, id 25884)
  • lidl/DNSKEY (alg 7, id 3902)
  • lidl/DNSKEY (alg 7, id 54241)
Secure (5)
  • ./DNSKEY (alg 8, id 19036)
  • ./DNSKEY (alg 8, id 20326)
  • ./DNSKEY (alg 8, id 46809)
  • lidl/DS (alg 7, id 25884)
  • lidl/DS (alg 7, id 54241)

Delegation statusDelegation status

Bogus (1)
  • . to lidl

NoticesNotices

Errors (1)
  • . to lidl: No valid RRSIGs made by a key corresponding to a DS RR were found covering the DNSKEY RRset, resulting in no secure entry point (SEP) into the zone. (72.0.48.75, 72.0.48.76, 185.24.64.91, 194.169.218.91, 203.119.88.75, 203.119.88.76, 212.18.248.91, 212.18.249.91, 2001:67c:13cc::1:91, 2001:dd8:7:6075:dc::1, 2001:dd8:7:6076:dc::1, 2620:171:a00:ad::75, 2620:171:a00:ad::76, 2a04:2b00:13cc::1:91, 2a04:2b00:13ee::91, 2a04:2b00:13ff::91, UDP_0_EDNS0_32768_4096)
Warnings (6)
  • lidl/DS (alg 7, id 25884): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
  • lidl/DS (alg 7, id 25884): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
  • lidl/DS (alg 7, id 25884): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (2001:500:12::d0d, UDP_0_EDNS0_32768_4096)
  • lidl/DS (alg 7, id 25884): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (2001:500:12::d0d, UDP_0_EDNS0_32768_4096)
  • lidl/DS (alg 7, id 54241): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (2001:500:12::d0d, UDP_0_EDNS0_32768_4096)
  • lidl/DS (alg 7, id 54241): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (2001:500:12::d0d, UDP_0_EDNS0_32768_4096)

DNSKEY legend

Full legend
SEP bit setSEP bit set
Revoke bit setRevoke bit set
Trust anchorTrust anchor
Download: png | svg
Warning JavaScript is required to make the graph below interactive.
DNSSEC authentication graph