[Pdns-users] pdns-recursor 3.7.4 on Redhat Linux always returns SERVFAIL for AAAA lookups
Brian Candler
b.candler at pobox.com
Wed Aug 16 20:41:51 UTC 2017
On 16/08/2017 21:05, Kenneth Marshall wrote:
> Here is what dig says to the nameserver:
>
> dig -t AAAA file-open.rice.edu @open-ssip.rice.edu
dig +trace open-ssip.rice.edu aaaa
says there are 5 authoritative servers that rice.edu is delegated to:
rice.edu. 172800 IN NS ns1.rice.edu.
rice.edu. 172800 IN NS ns2.rice.edu.
rice.edu. 172800 IN NS ns3.purdue.edu.
rice.edu. 172800 IN NS ns4.purdue.edu.
rice.edu. 172800 IN NS dns.smu.rice.edu.
Asking one of those servers, it agrees:
$ dig +norec @ns1.rice.edu rice.edu. ns
...
;; ANSWER SECTION:
rice.edu. 3600 IN NS dns.smu.rice.edu.
rice.edu. 3600 IN NS ns3.purdue.edu.
rice.edu. 3600 IN NS ns4.purdue.edu.
rice.edu. 3600 IN NS ns2.rice.edu.
rice.edu. 3600 IN NS ns1.rice.edu.
So if open-ssip.rice.edu is authoritative, it's hidden. The recursor
won't be sending anything to it, unless you've configured forward-zones
or similar. Have you?
As for the name "file-open.rice.edu", these servers say that it doesn't
exist (neither A nor AAAA)
$ dig +norec @ns1.rice.edu. file-open.rice.edu. a
...
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51751
$ dig +norec @ns1.rice.edu. file-open.rice.edu. aaaa
...
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40835
And actually, the name "open-ssip.rice.edu" doesn't exist either
(NXDOMAIN ditto)
More information about the Pdns-users
mailing list