Using the DNSSEC Trace View
Last updated
Last updated
When you create any DNSSEC trace test, you get access to the DNSSEC Trace view. The DNSSEC Trace view leverages the ThousandEyes standard layout, documented here.
This article highlights specifics shown in the DNSSEC Trace view.
This example shows the result of a globally distributed DNSSEC trace test, targeting internetsociety.org A:
The DNSSEC trace test measures worldwide validity by validating the keychain for the target DNS record from the bottom up. A DNSSEC query has a simple binary response - OK (Valid) or Invalid.
The timeline plots the graph of the average validity of the target domain and record type calculated from all agents assigned to the test.
Use the Overlay to plot the validity percentage (0 or 100) results from the agent as a line graph over the average validity measurements, calculated from all agents, for the selected date and time.
The map tab shows worldwide validity percentage measurements of the target domain and record type calculated from all agents assigned to the test.
You can view trust tree and data chain information for an agent either from the map tab when a single agent is selected, or from any row in the table tab regardless of whether any agents are selected.
The Map tab shows information for a single agent when a single agent is selected (above the timeline). Click View Details to open up a side panel with the trust tree and data chain information
For each agent listed in the Table tab, click the Details link in that agent's row to open up a side panel with the trust tree and data chain information for that agent.
When a single agent is selected, the map shows whether the results from that agent for the target domain and record type are OK (valid) or Invalid. Click on View Details for DNSSEC trace data.
To view agent-specific results, click the Details link under the Status column.
