[Dnsmasq-discuss] seeing www.ietf.org fail dnssec with dnsmasq rc7
Dave Taht
dave.taht at gmail.com
Wed May 6 20:09:59 BST 2015
Suspecting edns0 (I am also using ipv6 only as my upstream forwarder),
i dropped edns_packet_max
dair-833:babeld d$ dig +dnssec www.ietf.org
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.8.3-P1 <<>> +dnssec www.ietf.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4614
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1200
;; QUESTION SECTION:
;www.ietf.org. IN A
;; ANSWER SECTION:
www.ietf.org. 1292 IN CNAME www.ietf.org.cdn.cloudflare-dnssec.net.
www.ietf.org. 1292 IN RRSIG CNAME 5 3 1800 20160426153432
20150427143650 40452 ietf.org.
P/M2NpsObZhTLqxxkQqDnKCkIqhgcBQcSRidfikEAFDrNUKJDeah8z4S
8/QRGqsn4OtmZHHhm0LwfxtUrqQkB/sbQzoUVgAdPQHQRxmUpZ58BQ4O
P8jcThPIWnlauBBNusbTuq/iEo2L73P+eBBesGq+rCiUDmKHAfbo2aF4
fKh9q8NjmJbfAoD6ihjq5aNigzPErwv7mZ6jLg/eS1xh12pox5EYAUnO
lPXIj5puSgizSkr7oOZv41kIiqxyvxGdu37ti7zc73p5NGI5qng+eSOE
JcvK0VQc1Rn18nlwnq3yM+o6VldGDfMX6WY+zywKwyI3tFnpqAtKC+CJ /JxtIw==
www.ietf.org.cdn.cloudflare-dnssec.net. 64 IN A 104.20.0.85
www.ietf.org.cdn.cloudflare-dnssec.net. 64 IN A 104.20.1.85
www.ietf.org.cdn.cloudflare-dnssec.net. 64 IN RRSIG A 13 6 300
20150507200525 20150505180525 35273 cloudflare-dnssec.net.
jcky3oJ2x1ZUfEQJCSLEqjCWA9ifxAArUb2ZVsnHbhBngBq0IvER4KCU
mrdAy7+5vHduGsaMg/y4mHLfJohcRA==
;; Query time: 222 msec
;; SERVER: 172.26.16.1#53(172.26.16.1)
;; WHEN: Wed May 6 12:08:13 2015
;; MSG SIZE rcvd: 538
On Wed, May 6, 2015 at 11:22 AM, Dave Taht <dave.taht at gmail.com> wrote:
> nslookup www.ietf.org fails again... it did not fail a few days ago.
>
> chrome returns nxdomain
>
>
> --
> Dave Täht
> Open Networking needs **Open Source Hardware**
>
> https://plus.google.com/u/0/+EricRaymond/posts/JqxCe2pFr67
--
Dave Täht
Open Networking needs **Open Source Hardware**
https://plus.google.com/u/0/+EricRaymond/posts/JqxCe2pFr67
More information about the Dnsmasq-discuss
mailing list