Benchmark: Name Server (NS) Records
Overview
Name servers (NS) are the repositories of information that make up the domain database. The database is divided up into sections called zones, which are distributed among the name servers. The most important function of DNS servers is the translation (resolution) of human-memorable domain names (example.com) and hostnames into the corresponding numeric Internet Protocol (IP) addresses (93.184.216.34), the second principal name space of the Internet, which is used to identify and locate computer systems and resources on the Internet.
When searching for a domain name, it hits the name server, which translates the domain name into the Internet Protocol (IP) address, so that the browser can locate it. Once it’s found the domain name in the name server, web browser uses the IP address to connect to the server and load the requested site.
This benchmark contains best practices for NS records.
Usage
Browse dashboards and select Name Server (NS) Records:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check net_insights.benchmark.dns_ns_best_practicesSnapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share net_insights.benchmark.dns_ns_best_practicesControls
- Name servers should have valid name
- DNS should have at least 2 name servers
- Name servers should answer authoritatively
- All name servers listed at the parent server should respond
- Local DNS name server list should match parent name server list
- DNS should not contain CNAME records if an NS (or any other) record is present
- Name servers should not contain CNAME records if an NS (or any other) record is present
- Name servers should be on different subnets
- Name server records should use public IPs
- Name servers should be in different locations