Strange DNS problem
Stephane Bortzmeyer
bortzmeyer at nic.fr
Mon Jun 10 15:21:12 UTC 2019
On Mon, Jun 10, 2019 at 02:28:46PM +0000,
Jukka Pakkanen <jukka.pakkanen at qnet.fi> wrote
a message of 382 lines which said:
> An example, the client domain is raimoasikainenoy.fi.
dig clearly says it's a cookie issue:
% dig @193.184.54.212 NS raimoasikainenoy.fi
;; Warning: Client COOKIE mismatch
An DNSviz confirms:
http://dnsviz.net/d/raimoasikainenoy.fi/dnssec/
Your tests show that it fails only when you use cookies, which is
consistent with the above:
> ; <<>> DiG 9.14.2 <<>> @ns1.qnet.fi raimoasikainenoy.fi ns
...
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ; COOKIE: 55ba199a6d905273458bc2065cfe655462f150936d882603 (good)
> ; <<>> DiG 9.14.2 <<>> @8.8.8.8 raimoasikainenoy.fi ns
...
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
(Bad Google, no cookies)
So, they have broken authoritative name servers.
More information about the bind-users
mailing list