[Pdns-users] recursor getting ServFail from public DNS servers?

Mohamed Lrhazi lrhazi at gmail.com
Fri Sep 28 22:54:41 UTC 2018 

Just tested with the rpm from the mater branch repo, same issue!

On Fri, Sep 28, 2018 at 6:43 PM Mohamed Lrhazi <lrhazi at gmail.com> wrote:

> Actually, querying the same problem record, from one of those public DNS
> servers, from the same docker container on the same machine, works fine:
>
> [root at 84d867895136 /]# dig txt mit.edu @1.1.1.1
>
> ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> txt mit.edu @1.1.1.1
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55611
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1452
> ;; QUESTION SECTION:
> ;mit.edu.                       IN      TXT
>
> ;; ANSWER SECTION:
> mit.edu.                60      IN      TXT     "v=spf1 ip4:18.7.7.0/24
> ip4:18.7.21.0/24 ip4:18.72.0.0/16 ip4:18.7.68.0/24 ip4:18.7.68.0/24 ip4:
> 18.9.25.0/24 ip4:18.9.21.35 ~all"
> mit.edu.                60      IN      TXT
>  "adobe-idp-site-verification=1080c301-654e-4a4b-869a-b0fcf1945906"
>
> ;; Query time: 219 msec
> ;; SERVER: 1.1.1.1#53(1.1.1.1)
> ;; WHEN: Fri Sep 28 22:42:05 UTC 2018
> ;; MSG SIZE  rcvd: 253
>
> [root at 84d867895136 /]#
>
>
>
> On Fri, Sep 28, 2018 at 6:40 PM Mohamed Lrhazi <lrhazi at gmail.com> wrote:
>
>> I trying a new deployment, with PowerDNS Recursor 4.1.4
>> And I seem to be getting failures systematically for some records, such
>> as this example :
>>
>> Sep 28 20:21:35 [8] mit.edu: initial validation status for mit.edu is
>> Indeterminate
>> Sep 28 20:21:35 [8] mit.edu: Cache consultations done, have 1 NS to
>> contact
>> Sep 28 20:21:35 [8] mit.edu: Domain has hardcoded nameservers
>> Sep 28 20:21:35 [8] mit.edu: Resolved '.' NS (empty) to: 1.1.1.1,
>> 1.0.0.1, 8.8.8.8, 8.8.4.4
>> Sep 28 20:21:35 [8] mit.edu: Trying IP 1.1.1.1:53, asking 'mit.edu|TXT'
>> Sep 28 20:21:35 [8] mit.edu: (empty) (1.1.1.1) returned a ServFail,
>> trying sibling IP or NS
>> Sep 28 20:21:35 [8] mit.edu: Trying IP 1.0.0.1:53, asking 'mit.edu|TXT'
>> Sep 28 20:21:35 [8] mit.edu: (empty) (1.0.0.1) returned a ServFail,
>> trying sibling IP or NS
>> Sep 28 20:21:35 [8] mit.edu: Trying IP 8.8.8.8:53, asking 'mit.edu|TXT'
>> Sep 28 20:21:35 [8] mit.edu: (empty) (8.8.8.8) returned a ServFail,
>> trying sibling IP or NS
>> Sep 28 20:21:35 [8] mit.edu: Trying IP 8.8.4.4:53, asking 'mit.edu|TXT'
>> Sep 28 20:21:35 [8] mit.edu: (empty) (8.8.4.4) returned a ServFail,
>> trying sibling IP or NS
>> Sep 28 20:21:35 [8] mit.edu: Failed to resolve via any of the 1 offered
>> NS at level '.'
>> Sep 28 20:21:35 [8] mit.edu: failed (res=-1)
>> Sep 28 20:21:35 2 [8/1] answer to question 'mit.edu|TXT': 0 answers, 1
>> additional, took 4 packets, 12.764 netw ms, 13.769 tot ms, 0 throttled, 0
>> timeouts, 0 tcp connections, rcode=2
>>
>>
>>
>> Trying another record, say, mx mit.edu or txt harvard.edu or yahoo.com
>> works.
>>
>> What could be causing such issue?
>>
>> Thanks a lot,
>> Mohamed.
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20180928/1c14da8a/attachment.html>

More information about the Pdns-users mailing list