[Pdns-users] DNSSEC error
Brian Candler
b.candler at pobox.com
Fri Aug 18 08:14:40 UTC 2023
On 18/08/2023 08:53, Huber, Peter via Pdns-users wrote:
>
> i have strange thing using the pdns resolver. My domain uni-wh.de was
> ok for a long time, now there seems to be a DNSSEC problem and I don’t
> know where this comes from, nor how to fix this.
>
> What I am testing:
>
> delv @193.175.243.110 uni-wh.de
>
You say the problem is with a "pdns resolver", but 193.175.243.110 is an
authoritative server, not a recursor.
From the error output you gave, it looks like you're using a tool which
wants to talk to a recursor:
;; chase DS servers resolving 'uni-wh.de/DS/IN': 193.175.243.110#53
;; REFUSED unexpected RCODE resolving 'de/NS/IN': 193.175.243.110#53
;; REFUSED unexpected RCODE resolving './NS/IN': 193.175.243.110#53
;; REFUSED unexpected RCODE resolving 'de/DS/IN': 193.175.243.110#53
Your authoritative server is (correctly) refusing to answer queries for
domains it is not authoritative for, like ".de" and the root.
There are various online DNSSEC checkers. I checked a couple with
uni-wh.de and they seem to think it's fine (and I can resolve it fine),
so I don't think there's any problem.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20230818/06731253/attachment.htm>
More information about the Pdns-users
mailing list