Barclays bank domain unresolvable only on some servers

G.W. Haywood bind at jubileegroup.co.uk
Sun Jun 16 13:00:36 UTC 2019


Hi there,

On Sun, 16 Jun 2019, Mark Andrews wrote:

> The servers for this zone are broken, they do not respond to queries with DNS
> COOKIE options present.  You can add server options to named.conf to work around
> this while Barclays fix their servers / firewalls.  Modern recursive servers are
> no longer working around broken servers that do not respond to queries.  See
> DNS flag day.  It looks like Barclays ignored the messages.

They have some history of ignoring messages:

$ whois barclays.com | grep DNSSEC
    DNSSEC: unsigned

-- 

73,
Ged.


More information about the bind-users mailing list