[176636] in North American Network Operators' Group
Re: Google public DNS - getting SERVFAIL for any domains delegated
daemon@ATHENA.MIT.EDU (Ken Chase)
Sun Dec 7 12:43:27 2014
X-Original-To: nanog@nanog.org
Date: Sun, 7 Dec 2014 12:43:20 -0500
From: Ken Chase <math@sizone.org>
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
In-Reply-To: <20141207171922.GA32179@sources.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
Agree on blendive.com and blendedperspectives.com
Not sure how to identify which chunk of google is failing, but here's a trace
for a nonworking query on the above domains:
5. 209.85.241.127
6. google-public-dns-a.google.com
(thru TorIX thus the short path).
EC2 east is succesful (but I cant trace easily, client restrictions in place
grumble).
blendive.com name server pdns04.domaincontrol.com.
blendive.com name server pdns03.domaincontrol.com.
/kc
On Sun, Dec 07, 2014 at 06:19:22PM +0100, Stephane Bortzmeyer said:
>On Sun, Dec 07, 2014 at 12:01:40PM -0500,
> Erik Levinson <erik.levinson@uberflip.com> wrote
> a message of 25 lines which said:
>
>> I'm getting SERVFAIL when trying to resolve any record in any domain
>> whose NSs are pdns01.domaincontrol.com/pdns02.domaincontrol.com/pdns05.domaincontrol.com/pdns06.domaincontrol.com
>> (GoDaddy premium DNS), only when using Google's 8.8.8.8 / 8.8.4.4
>> resolvers, from multiple locations/networks.
>
>Since Google Public DNS validates, and Go Daddy supports DNSSEC, it
>would be useful to test with dig +cd (Checking Disabled) to determine
>if it is a DNSSEC problem or not.
>
>> You can look at targetly.co as one example (should be just an A
>> record to 184.168.221.38 but getting SERVFAIL when querying
>> 8.8.8.8).
>
>Works for me
>
>% dig @8.8.8.8 a targetly.co
>
>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @8.8.8.8 a targetly.co
>; (1 server found)
>;; global options: +cmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4056
>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>
>;; OPT PSEUDOSECTION:
>; EDNS: version: 0, flags: do; udp: 512
>;; QUESTION SECTION:
>;targetly.co. IN A
>
>;; ANSWER SECTION:
>targetly.co. 242 IN A 184.168.221.38
>
>;; Query time: 67 msec
>;; SERVER: 8.8.8.8#53(8.8.8.8)
>;; WHEN: Sun Dec 7 18:07:58 2014
>;; MSG SIZE rcvd: 56
>
--
Ken Chase - math@sizone.org - Toronto Canada
