; <<>> DiG 9.16.22 <<>> @ns3.postbank.de. postbank.de DNSKEY +nocrypto
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62863
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; <<>> DiG 9.16.22 <<>> postbank.de DNSKEY +nocrypto
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11675
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.16.22 <<>> postbank.de DNSKEY +multi
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8288
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; <<>> DiG 9.16.22 <<>> postbank.de DS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30239
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
; <<>> DiG 9.16.22 <<>> @a.ns.se. sportbladet.se +dnssec +norec +multi
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4697
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
@jpmens
jpmens / chain-of-trust.md
Created November 24, 2021 09:34
DNSSEC chain of trust
| . (root)   |       | org.             |       | example.org.         |       | sub.example.org. |
| ---------- |       | ---------------- |       | -------------------- |       | ---------------- |
| SOA        |       | SOA              |       | SOA                  |       | SOA              |
| NS         |       | NS               |       | NS                   |       | NS               |
| DNSKEY     |   ┌── | DNSKEY           |   ┌── | DNSKEY               |   ┌── | DNSKEY           |
| DS (org)   | ──┘   | DS (example.org) | ──┘   | DS (sub.example.org) | ──┘   | AAAA             |

ASCII art by @mritzmann based on a diagram I made.

; <<>> DiG 9.16.9 <<>> devsn.se NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43714
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
; <<>> DiG 9.16.9 <<>> @x.ns.se devsn.se NS +norec
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2318
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
$TTL 3600
$ORIGIN 10.in-addr.arpa.
@ SOA mwl.io. mwl.mwl.io. 2021093002 3600 900 3600000 3600
NS ns1.mwl.io.
NS ns2.mwl.io.
;USA
0 NS ns1.mwl.io.
0 NS ns2.mwl.io.
;UK
1 NS ns3.mwl.io.
SOA a.ns.facebook.com. dns.facebook.com. 1633602833 14400 1800 604800 300 from server 2a03:2880:f1fc:c:face:b00c:0:35 in 14 ms.
SOA a.ns.facebook.com. dns.facebook.com. 1633602833 14400 1800 604800 300 from server 2a03:2880:f0fc:c:face:b00c:0:35 in 17 ms.
SOA a.ns.facebook.com. dns.facebook.com. 1633602833 14400 1800 604800 300 from server 185.89.218.12 in 19 ms.
SOA a.ns.facebook.com. dns.facebook.com. 3954289570 14400 1800 604800 300 from server 2a03:2880:f1fd:c:face:b00c:0:35 in 21 ms.
SOA a.ns.facebook.com. dns.facebook.com. 3954289570 14400 1800 604800 300 from server 185.89.219.12 in 21 ms.
SOA a.ns.facebook.com. dns.facebook.com. 1633602833 14400 1800 604800 300 from server 129.134.30.12 in 21 ms.
SOA a.ns.facebook.com. dns.facebook.com. 1633602833 14400 1800 604800 300 from server 129.134.31.12 in 34 ms.
SOA a.ns.facebook.com. dns.facebook.com. 1633602833 14400 1800 604800 300 from server 2a03:2880:f0fd:c:face:b00c:0:35 in 34 ms.