On 23/04/2018 15:02, G.W. Haywood via bind-users wrote: > Below is from our own DNS server; I get the same response from all the > public servers that I've tried. > > 8<---------------------------------------------------------------------- > mail6:~$ >>> dig -x 149.20.1.60 > > ; <<>> DiG 9.9.5-9+deb8u14-Debian <<>> -x 149.20.1.60 > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 26391 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
If you repeat your query with the +cd option, you'll get a response. DNSViz shows problems with the DNSSEC setup of this zone. The DS and DNSKEY records don't match: http://dnsviz.net/d/1.20.149.in-addr.arpa/dnssec/ Regards, Anand _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
