cannot resolve oppedahl.com from uspto.gov domain

[Cricket Liu]

On Feb 3, 2012, at 7:25 AM, Bill Owens wrote:

> On Fri, Feb 03, 2012 at 10:04:19AM -0500, Lear, Karen (Evolver) wrote:
>> Who would be responsible for opening a trouble report to GoDaddy?  I don't understand exactly what the problem is here.
> 
> It looks, from the outside, as though the Oppedahl Patent Law Firm LLC uses GoDaddy for DNS registration, DNS server hosting, and web server hosting. They're also DNSSEC-signing their domain (for which they should be praised ;)
> 
> The GoDaddy DNS servers are distributed around the network in various colocation sites, and reachable by IP anycast, which means that a number of different hosts will answer queries as if they were 'dns1.oppedahl.com', they are all reachable over the same IP address, and normal IP routing takes your DNS queries to the closest one. When I query for oppedahl.com, I use servers in Chicago and they work fine. When you're trying to query for oppedahl.com, you're likely using the same Washington, DC area server that Florian was using, and it is broken; it doesn't respond to queries that use EDNS0, and therefore can't handle DNSSEC. 

This is consistent with something I noticed earlier:  DNSViz validates oppedahl.com's chain of trust without a problem, but Verisign Labs' DNSSEC Debugger reports no response from oppedahl.com's name servers.  DNSViz is hosted by Sandia, presumably in New Mexico, while Verisign Labs is in the D.C. area.

Running an anycast instance that doesn't support EDNS0, though?  Yeesh!

> Since Oppedahl is the GoDaddy customer, they should open a support case. It should be especially important for them to have the USPTO be able to reach their website, email, etc. so I'd think they would want to follow up on this quite vigorously. . .
> 
> Incidentally their phone numbers are 970-468-8600 and 303-252-8800, since you can't get them off the website any more ;)

I've been working with Carl (Oppedahl) on this and asked him to open a ticket.

cricket