intermittent failures and queries sent over TCP
dnewman at networktest.com
Wed Aug 19 01:12:45 UTC 2020
On 8/18/20 5:55 PM, Mark Andrews wrote:
> If you are getting RST responses check your firewall settings. RST is often forged
> when TCP is blocked. The root servers normally accept TCP connections.
> % dig +tcp gmail.com @a.root-servers.net +dnssec
Bingo. This query failed before adding a rule to the upstream firewall
to allow outbound queries, and works now.
More information about the bind-users