When activating a domain name, name servers must be properly configured.

Testing the name servers before communicating them to the registrar managing the name makes it possible to ensure that they properly configured.

Checking a domain name zone configuration

A minimum of two server names must respond positively in order to activate a domain.

DNSSEC (Domain Name System Security Extensions) technology authenticates DNS records using cryptographic keys to ensure that each domain fits perfectly into a trusted chain within the tree of the Internet-based naming system.

Enter the characters shown in the image.

Controlled data 

  • The server names are authoritative for the requested domain.

  • The name provided for the server names is a Canonical Name; it does not correspond to a CNAME record.

  • The name of the name servers corresponds to the IP address provided.

  • Name servers are listed as name servers (IN NS record) of the requested domain.

  • The server names correspond to the definitions given in the RFC.

Validating configurations

Different validation steps apply depending on the name server configuration submitted. If there is a failure, the servers are considered non-functional.


The server name is part of the domain name it manages
Exemple : ns1.dns.lu is part of the domain dns.lu

The server name is not part of the domain it manages

Step 1
  • An 'A' query requesting the name server's name is sent to the server's IP address.

  • The server's response must be authoritative and contain the server's IP address, and not return the name of the server in the form of an alias.

  • An 'NS' query requesting the domain is sent to the IP address obtained by normal resolution of the server name (and not the IP address indicated in the 'IP Address' field).

  • The response must be authoritative and contain the queried server's name.

Step 2
  • An 'NS' query requesting the domain name in question is sent to the server's IP address.

  • The response must be authoritative and contain the server's name.

  • An 'A' query requesting the server name is sent to any server name that can handle recursive resolutions.

  • The response must contain the IP address of the server name as indicated in the 'IP Address' field, and the server name must be a Canonical Name (CNAME).

Additional features None
  • Sending requests through UDP (User Datagram Protocol) datagrams.
  • Re-sending requests three times in four-second intervals.