All-in-one DNS utility

Introduction

The command-line script below runs through many of the most-needed tests for troubleshooting DNS issues related to Netlify hosting. Note that it is written for the Z shell (zsh), so if you are still using Bash you will need to regress a couple of the features. As noted in the header, you will also need to install some command-line utilities, which is easiest to do via Homebrew. The first printf command resizes the default Terminal window in macOS to fit my screen; you may need to adjust that to taste. The source code can be rough sledding to read, so I recommend running it in your Terminal to get the benefit of the built-in formatting.

Use

  1. Copy all the lines of code in the shaded box below.
  2. Paste the copied text into a new, empty text editor (not a word processor) document, and save it with a .zsh file extension. FWIW, I call this file netlify.zsh.
  3. In your Terminal, navigate to the folder / directory where you saved this file (typically done using the cd command).
  4. Invoke the script from the command line by typing in ./ and then the name of the file (in my case, this would be ./netlify.zsh).
  5. After you invoke this script via the command line, it asks for the apex domain of interest, and assumes the www subdomain but allows you to change that to whatever subdomain you wish to investigate.
  6. Depending on the speed of your Internet connection and the gods of DNS, it will take anywhere from a few seconds to a minute or so for the entire script to run. However, after results start coming in, you can scroll the Terminal window while the script finishes executing — you don’t have to wait until the script runs to completion before examining the results.
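
Step 5 hands whatever is typed at the prompt to whois, dig, curl, host, ab and sslscan. The following is an added example, not part of the original script, of a check that could run right after the prompts; the helper names valid_label and valid_hostname are assumptions.

```shell
#!/bin/sh
# Added example (not from the original script): validate the host name typed
# at the prompt before it reaches whois, dig, curl, host, ab or sslscan.
# valid_label and valid_hostname are hypothetical helper names.

valid_label() {
    # One DNS label: 1-63 characters, ASCII letters, digits or hyphen,
    # and no hyphen at either end. Characters are listed explicitly so the
    # match does not depend on the locale's idea of a-z.
    case $1 in
        ''|-*|*-) return 1 ;;
        *[!abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

valid_hostname() {
    # Accept only dotted names of two or more valid labels, 253 chars at most.
    # Rejecting everything else also rejects values a tool would read as
    # something other than a name: "-x" (an option), dig's "@server" and
    # "+option" forms, whitespace and shell metacharacters.
    rest=$1
    [ "${#rest}" -le 253 ] || return 1
    case $rest in
        *.*) ;;            # at least one dot
        *) return 1 ;;
    esac
    while :; do
        valid_label "${rest%%.*}" || return 1
        case $rest in
            *.*) rest=${rest#*.} ;;   # drop the label just checked
            *) return 0 ;;            # that was the last label
        esac
    done
}

# Constructed sample inputs: two good names, then values that must be refused.
for candidate in example.com www.example.com -h.example.com @192.0.2.1 \
    'example.com x' example..com; do
    if valid_hostname "$candidate"; then
        printf 'ok      %s\n' "$candidate"
    else
        printf 'refused %s\n' "$candidate"
    fi
done
```

In the script, the check would be called once for $apex and once for $fqdn directly after fqdn is assembled, exiting if either is refused. A name written with a trailing dot is refused as well, which is stricter than DNS itself requires.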

Note

There is some overlap in the information returned, which can be either helpful or irritating. Your choice.

The code

#!/bin/zsh
# View domain and DNS information for Netlify sites
# prompts for the apex domain and the subdomain when run from the command line
# you may need to install some components using Homebrew
# if using bash you'll need to change some of this syntax
printf "\e[8;70;100t"
subdomain="www"
read -r apex"?Apex domain: "
vared -p "Subdomain: " subdomain
printf "\n"
fqdn=$subdomain.$apex
linebreak="|================================================================\n\n\n\n"
: $((vara=60 - ${#apex}))
if [ $((vara % 2)) -eq 1 ]
then
    : $((vara=vara + 1))
fi
: $((vara=vara / 2))
: $((varf=60 - ${#fqdn}))
if [ $((varf % 2)) -eq 1 ]
then
    : $((varf=varf + 1))
fi
: $((varf=varf / 2))
u="--------------------------------------------------------------------"
pada=${u:1:$vara}
padf=${u:1:$varf}
echo "|============== Check domain info for Netlify sites ============="
printf "\n"
echo "|====================== whois registrar for ====================="
echo "| ${pada} $apex ${pada}"
whois $apex | grep "Registrar URL"
echo $linebreak
echo "|=================== whois name server(s) for ==================="
echo "| ${pada} $apex ${pada}"
whois $apex | grep -Ei "(name server|updated date)"
echo $linebreak
echo "|===================== dig name server(s) for ==================="
echo "| ${pada} $apex ${pada}"
echo "| ------------------- should agree with whois -------------------"
dig $apex -t NS +short
printf "\n"
echo "| ${padf} $fqdn ${padf}"
echo "| ------------ blank if pointing to the apex domain -------------"
echo "| ------------------ in the Netlify dashboard -------------------"
dig $fqdn -t NS +short
echo $linebreak
echo "|====================== dig A record(s) for ====================="
echo "| ${pada} $apex ${pada}"
echo "| ---------- Netlify's old load balancer: 104.198.14.52 ---------"
echo "| ------------ Netlify's new load balancer: 75.2.60.5 -----------"
dig $apex -t A +short
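# look up one address only: whois cannot take several answers as one argument
whois "$(dig $apex -t A +short | tail -n 1)" | grep Organization
printf "\n"
echo "| ${padf} $fqdn ${padf}"
dig $fqdn -t A +short
# the last line is an address even when a CNAME target is listed first
whois "$(dig $fqdn -t A +short | tail -n 1)" | grep Organization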
printf "\n"
echo "See the documentation here:"
echo "https://docs.netlify.com/domains-https/custom-domains/configure-external-dns/"
echo $linebreak
echo "|======================= dig CNAME(s) for ======================="
echo "| ${padf} $fqdn ${padf}"
echo "| ------------ will be blank when using Netlify DNS -------------"
dig $fqdn -t CNAME +short
echo $linebreak
echo "|================== check for inactive DNS zone ================="
echo "| --------------- last line should show nsone.net ---------------"
echo "| ----------------- for sites using Netlify DNS -----------------"
echo "| ---------------- otherwise will show DNS source ---------------"
echo "| ${pada} $apex ${pada}"
dig $apex +trace -t NS | tail -n 6
# echo "| ${padf} $fqdn ${padf}"
# dig $fqdn +trace -t NS | tail -n 6
echo "See the documentation here:"
echo "https://answers.netlify.com/t/support-guide-how-to-detect-and-fix-inactive-netlify-dns-zones/21742"
echo "The solution is either a) activate the inactive zone or b) delete the inactive zone."
echo $linebreak
echo "|======================== check for DNSSEC ======================"
echo "| ---------------------- should be unsigned ---------------------"
whois $apex | grep "DNSSEC"
echo $linebreak
echo "|======================== check for server ======================"
echo "| ---------------------- should be Netlify ----------------------"
echo "| ${pada} $apex ${pada}"
# header names are case-insensitive, so match "Server:" as well as "server:"
curl -svo /dev/null http://$apex 2>&1 | grep -i "server:"
printf "\n"
echo "| ${padf} $fqdn ${padf}"
curl -svo /dev/null http://$fqdn 2>&1 | grep -i "server:"
echo $linebreak
echo "|====================== check for redirects ====================="
echo "| ---------------------------- http -----------------------------"
echo "| ${pada} $apex ${pada}"
curl --head --location http://$apex
printf "\n"
echo "| ---------------------------- http -----------------------------"
echo "| ${padf} $fqdn ${padf}"
curl --head --location http://$fqdn
echo $linebreak
echo "|====================== check for redirects ====================="
echo "| ---------------------------- https ----------------------------"
echo "| ${pada} $apex ${pada}"
curl --head --location https://$apex
printf "\n"
echo "| ---------------------------- https ----------------------------"
echo "| ${padf} $fqdn ${padf}"
curl --head --location https://$fqdn
echo $linebreak
echo "|======================== host check for ========================"
echo "| ${pada} $apex ${pada}"
host $apex
printf "\n"
echo "| ${padf} $fqdn ${padf}"
host $fqdn
echo $linebreak
echo "|======================== check load time ======================="
echo "| ${pada} $apex ${pada}"
ab http://$apex/
printf "\n"
echo "| ${padf} $fqdn ${padf}"
ab http://$fqdn/
echo $linebreak
# echo "|======================== https check for ======================="
# echo "| ${pada} $apex ${pada}"
# https -h $apex
# printf "\n"
# echo "| ${padf} $fqdn ${padf}"
# https -h $fqdn
# echo $linebreak
# echo "|====================== httpstat check for ======================"
# echo "| ${pada} $apex ${pada}"
# httpstat $apex
# printf "\n"
# echo "| ${padf} $fqdn ${padf}"
# httpstat $fqdn
# echo $linebreak
echo "|================== check SSL record blocking ==================="
echo "| ---------------------- should be blank ------------------------"
echo "| ------------------ when using Netlify DNS ---------------------"
echo "| ${pada} $apex ${pada}"
dig +noall +answer $apex -t CAA
printf "\n"
echo "| ${padf} $fqdn ${padf}"
dig +noall +answer $fqdn -t CAA
echo $linebreak
echo "|================== check SSL certificate dates ================="
echo "| ${pada} $apex ${pada}"
sslscan $apex
# openssl s_client -connect $apex:443  2>/dev/null | openssl x509 -noout -dates
printf "\n"
echo "| ${padf} $fqdn ${padf}"
sslscan $fqdn
# openssl s_client -connect $fqdn:443  2>/dev/null | openssl x509 -noout -dates
echo $linebreak
echo "|====================== get x-nf-request-id ====================="
echo "| -------------------- blank if not Netlify ---------------------"
echo "| ${pada} $apex ${pada}"
echo "| ---------------------------- http -----------------------------"
# header names are case-insensitive, so match regardless of case
curl -svo /dev/null http://$apex 2>&1 | grep -i 'x-nf-request-id'
echo "| ---------------------------- https ----------------------------"
curl -svo /dev/null https://$apex 2>&1 | grep -i 'x-nf-request-id'
echo "| ${padf} $fqdn ${padf}"
echo "| ---------------------------- http -----------------------------"
curl -svo /dev/null http://$fqdn 2>&1 | grep -i 'x-nf-request-id'
echo "| ---------------------------- https ----------------------------"
curl -svo /dev/null https://$fqdn 2>&1 | grep -i 'x-nf-request-id'
echo $linebreak
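
The script prints raw output next to hints such as "should be Netlify" and leaves the comparison to the reader. The following is an added example, not part of the original script, that turns the server, x-nf-request-id and load balancer hints into checks; the helper names header_value, served_by_netlify and lb_kind are assumptions, and the sample curl output is constructed.

```shell
#!/bin/sh
# Added example (not from the original script). header_value,
# served_by_netlify and lb_kind are hypothetical helper names.

# Print the value of response header $1 from `curl -sv` output on stdin.
# Names are matched case-insensitively and the trailing CR is removed.
header_value() {
    awk -v want="$1" '
        /^< / {
            line = substr($0, 3)
            sub(/\r$/, "", line)
            colon = index(line, ":")
            if (colon == 0) next            # status line, not a header
            if (tolower(substr(line, 1, colon - 1)) != tolower(want)) next
            value = substr(line, colon + 1)
            sub(/^[ \t]+/, "", value)
            print value
            exit
        }'
}

# $1 = captured `curl -sv` output. True when both of the script's hints
# hold: the server header is Netlify and an x-nf-request-id is present.
served_by_netlify() {
    [ "$(printf '%s\n' "$1" | header_value server)" = "Netlify" ] &&
        [ -n "$(printf '%s\n' "$1" | header_value x-nf-request-id)" ]
}

# $1 = output of `dig <name> -t A +short`, one answer per line.
# grep -Fx compares whole lines literally, so "." is not a wildcard.
lb_kind() {
    if printf '%s\n' "$1" | grep -Fxq '75.2.60.5'; then echo new
    elif printf '%s\n' "$1" | grep -Fxq '104.198.14.52'; then echo old
    else echo other
    fi
}

# Constructed sample of `curl -sv` output, with CRLF line endings.
sample_headers=$(printf '%s\r\n' '> GET / HTTP/1.1' \
    '< HTTP/1.1 301 Moved Permanently' '< Server: Netlify' \
    '< X-Nf-Request-Id: 01EXAMPLE000CONSTRUCTED' '< ')

if served_by_netlify "$sample_headers"; then
    echo "server check: Netlify"
fi
echo "A record check: $(lb_kind '75.2.60.5') load balancer"
```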

Sample results
