cbj.gov.jo DNS Report

Health Score: 90%

Need help fixing DNS ? Get an expert advise at support forum

Checked: 1 month before

Parent

NS records at parent servers

ns1.cbj.gov.jo [ 85.159.217.82 ]
ns2.cbj.gov.jo [ 85.159.217.98 ]
[These were obtained from rip.psg.com.]

Glue at parent nameservers 7/7

SUCCESS Parent nameservers know A records for your domain, Very good !

NS

Mismatched glue 7/7

SUCCESS The DNS report did not detect any discrepancies between the glue provided by the parent servers and that provided by your authoritative DNS servers.

Nameservers A records 7/7

SUCCESS Nameservers do include corresponding A records when asked for your NS records. This ensures that your DNS servers know the A records corresponding to all your NS records.

Nameservers report identical NS records 7/7

SUCCESS The NS records at all your nameservers are identical.

Nameservers respond 10/10

SUCCESS All of your nameservers listed at the parent nameservers responded.

Nameserver name validity 7/7

SUCCESS All of the NS records that your nameservers report are valid (no IPs or partial domain names).

Number of nameservers 2/5

WARNING You have 2 nameservers. You must have at least 2 nameservers (RFC2182 section 5 recommends at least 3 nameservers), and preferably no more than 7.

Lame nameservers 7/7

SUCCESS All the nameservers listed at the parent servers answer authoritatively for your domain.

Missing (stealth) nameservers 7/7

SUCCESS All your nameservers are also listed at the parent servers.

Root missing nameservers 7/7

SUCCESS All of the nameservers listed at the parent nameservers are also listed as NS records at your nameservers.

Nameservers on separate class C's 7/7

SUCCESS Nameservers are in a different networks.

public IPs 7/7

SUCCESS All of your NS records appear to use public IPs.

SOA

SOA record

SOA record is:
Hostmaster email
it_networks.cbj.gov.jo
Serial
2018081973
Refresh
7200
Retry
600
Expire
1209600
TTL
900

Serial agreement 0/7

DANGER Some nameservers have a different soa serial number That can occur because of recent master update (slave have not loaded master zone yet) or the is a problem in DNS.
There is serial 2018081973 at nameserver(s) (85.159.217.82)
There is serial 2018081957 at nameserver(s) (85.159.217.98)

SOA MNAME 3/3

SUCCESS SOA (Start of Authority) record states that your master (primary) name server is: ns1.cbj.gov.jo That server is listed at the parent servers, which is correct.

Serial value 1/1

SUCCESS SOA serial number is: 2018081973 This appears to be in the recommended format of YYYYMMDDnn, where 'nn' is the revision. This number must be incremented every time you make a DNS change.

Refresh value 1/1

SUCCESS SOA Retry interval is : 7200 seconds. This seems OK. (Values about 3600-7200 seconds is good if not using DNS NOTIFY; RFC1912 2.2 recommends a value between 1200 to 43200 seconds (20 minutes to 12 hours)). This value determines how often secondary/slave nameservers check with the master for updates.

Retry value 1/1

SUCCESS SOA Retry interval is : 600 seconds. This seems OK. (Values about 120-7200 seconds is good). The retry value is the amount of time your secondary/slave nameservers will wait to contact the master nameserver again if the last attempt failed.

Expire value 1/1

SUCCESS SOA Expire time is : 1209600 seconds. This seems OK. (Values 604800 to 2419200 seconds (1-4 weeks) is good). RFC1912 suggests 2-4 weeks. This is how long a secondary/slave nameserver will wait before considering its DNS data stale if it can't reach the primary nameserver.

TTL value 1/1

SUCCESS SOA Expire time is : 900 seconds. This seems OK. (about 300 to 86400 seconds or 5 min - 24 hours is good). RFC2308 suggests a value of 1-3 hours. This value used to determine the default (technically, minimum) TTL (time-to-live) for DNS entries, but now is used for negative caching.

Info

DNS trace

Trace to cbj.gov.jo
lookup cbj.gov.jo at A.ROOT-SERVERS.NET(198.41.0.4) 37 ms
A.ROOT-SERVERS.NET(198.41.0.4) refer to jo.cctld.authdns.ripe.net(193.0.9.83)
lookup cbj.gov.jo at jo.cctld.authdns.ripe.net(193.0.9.83) 109 ms
jo.cctld.authdns.ripe.net(193.0.9.83) refer to ns1.cbj.gov.jo(85.159.217.82)
lookup cbj.gov.jo at ns1.cbj.gov.jo(85.159.217.82) 138 ms
RECORD does not exist
Total time: 284 ms