problems resolving domains unser NSxx.DOMAINCONTROL.COM - this problem i have too! :(((((
Erwin Lansing
erwin at FreeBSD.org
Tue Jun 22 09:20:38 UTC 2010
On Mon, Jun 21, 2010 at 05:31:59PM +0200, Rok Poto??nik wrote:
> Anyway.. I found out what the problem is... they don't reply to dnssec
> enabled requests...
>
> $ dig +short @ns33.domaincontrol.com. replacementservices.com.
> 72.32.12.235
>
> $ dig +short +dnssec @ns33.domaincontrol.com. replacementservices.com.
> ;; connection timed out; no servers could be reached
>
> wanna boycott godaddy?
>
Actually, they don't support EDNS either, so you'll get timeouts even
without DNSSEC:
erwin at orange:~% dig +short +edns=0 @ns33.domaincontrol.com. replacementservices.com.
;; connection timed out; no servers could be reached
erwin at orange:~% dig +short @ns33.domaincontrol.com. replacementservices.com.
72.32.12.235
Note that Bind 9.5 fixed the timeout issue by resending it as a plain
request, you may want to upgrade your recursors if they are still on
9.4. See last item in the list: https://www.isc.org/software/bind/new-features/9.5
-erwin
--
Erwin Lansing (o_ _o) http://droso.org
Ceterum censeo \\\_\ /_///
Carthaginem esse delendam <____) (____> erwin at lansing.dk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100622/6bcee0b7/attachment.bin>
More information about the bind-users
mailing list