logoalt Hacker News

AndyMcConachietoday at 1:52 PM1 replyview on HN

Great site. If you don't mind I have feature requests, but feel free to ignore them because OSS is OSS and you shouldn't feel obligated.

1) Include a link to dnsviz.net to check on the DNSSEC status of domains. They've already done all the work and it would be a nice integration.

2) Something that I wish more DNS operators understood is the concept of shared fate between authoritative name servers. Shared fate can come in the form of same AS, same upstream, same parent domain, etc. Operators might think they have redundancy when in fact all their servers are located in the same AS, for example. If there is any way you can highlight this or show this it would be useful.

3) I didn't try looking up a phishing domain, but displaying whether a domain exists on popular block lists would be awesome.

I love your attempt at understanding all the TXT RRs that have spread across the DNS in the last 10 years. What a mess.

You're right in that this is a rabbit hole. You could spend the rest of your life building this and never actually completing it, be careful!

Replies

pultoday at 2:06 PM

Those are really useful suggestions, thanks!

> 1) Include a link to dnsviz.net to check on the DNSSEC status of domains.

I use DNSViz all the time. They've done a great job of displaying the entire trail and helping debug DNSSEC issues. But it's a bit too detailed for my liking. I'm thinking about how I would add this to Wirewiki. What to show and hide by default, how to format it, etc. Adding something similar is pretty high on my list for Wirewiki.

> 2) Shared fate [...]

I do already show ASNs for A/AAAA records, but adding those to NS and MX addresses as well would be useful. I'm a bit hesitant to add more data to the overview, but a separate page that shows an analysis of shared name server resources could be useful indeed. I've added it to the list.

> 3) displaying whether a domain exists on popular block lists would be awesome.

Absolutely. Already on the list :)

> You could spend the rest of your life building this and never actually completing it, be careful!

Haha, I've already spent 5 years, and I don't mind to keep going as long as it's interesting and sustainable!