[Pdns-users] SERVFAIL responses on malformed subdomain query

Thib D thibmac0241 at gmail.com
Thu Oct 14 13:52:33 UTC 2021


It seems like pdns auth servers are answering SERVFAIL queries when the
subdomain is malformed in the query. It is testable on powerdns.com domain
- which I assume is hosted on a pdns-auth backend.

Ex :
dig @pdns-public-ns2.powerdns.com. 1+1=2.powerdns.com will return SERVFAIL

dig @pdns-public-ns2.powerdns.com. testingthis.powerdns.com will return
NXDOMAIN as expected

I am not sure what is the correct answer here, but I'm only seeing this on
pdns-auth installations.  From the other authoritative nameservers I've
tested, every single one of them is answering NXDOMAIN ( isc.org /
knot-dns.cz / facebook.com / google.com / nlnetlabs...  ) in this case.

Best regards,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20211014/3e2df5dc/attachment.htm>

More information about the Pdns-users mailing list