4

Why is DNSSEC % of queries so low?

NextDNS is a validating DNSSEC resolver. This means that we block any response that has an invalid DNSSEC signature or is not signed on a zone that is DNSSEC enabled. Unfortunately, many big domains are not DNSSEC enabled, which is why this number is so low.

2 replies

null
    • Eric.9
    • 3 mths ago
    • Reported - view

    What is a typical percentage?  (Sorry to revive an old thread.)

    Was searching to find an answer.  I'm finding percentages from 0-7.5% with various profiles.  With my TV profile for all my AppleTVs, it's 0%.  With my default network for all computers, phones, etc., it's 7.5%.

      • BigDargon
      • 3 mths ago
      • Reported - view

      The percentage depends on which domain you query? And whether that domain has DNSSEC signing enabled or not?

      Turn on Raw DNS logs and you will see DNSSEC signed domains, there will be a blue padlock icon.

Login to reply

Content aside

Related Articles
How to download logs?
Affiliation Program
What is DNS?
What is DNS over TLS (DoT), DNS over Quic (DoQ) and DNS over HTTPS (DoH & DoH3)?
What is Linked IP
What happens after 300k queries?
What is a malware?
Does NextDNS collect and store personal data?
Does NextDNS share the DNS data that is generated?
What is phishing?
Will NextDNS filter content?
How is NextDNS different from traditional adblockers?
Why is mode 3 required on Firefox?
What is Anycast and Ultralow?
What is DNS Rebinding Protection?
Why is DNSSEC % of queries so low?
How to customize the upstream resolver?
What A and AAAA labels mean in the logs?
What is the advantage of using NextDNS over Pi-hole®?
What is Handshake?
What is EDNS Client-Subnet (ECS)?
Translations
Who is behind NextDNS?
Which setup type to use?
How to get help or report issues?