Agree on blendive.com and blendedperspectives.com Not sure how to identify which chunk of google is failing, but here's a trace for a nonworking query on the above domains:
5. 209.85.241.127 6. google-public-dns-a.google.com (thru TorIX thus the short path). EC2 east is succesful (but I cant trace easily, client restrictions in place grumble). blendive.com name server pdns04.domaincontrol.com. blendive.com name server pdns03.domaincontrol.com. /kc On Sun, Dec 07, 2014 at 06:19:22PM +0100, Stephane Bortzmeyer said: >On Sun, Dec 07, 2014 at 12:01:40PM -0500, > Erik Levinson <erik.levin...@uberflip.com> wrote > a message of 25 lines which said: > >> I'm getting SERVFAIL when trying to resolve any record in any domain >> whose NSs are pdns01.domaincontrol.com/pdns02.domaincontrol.com/pdns05.domaincontrol.com/pdns06.domaincontrol.com >> (GoDaddy premium DNS), only when using Google's 8.8.8.8 / 8.8.4.4 >> resolvers, from multiple locations/networks. > >Since Google Public DNS validates, and Go Daddy supports DNSSEC, it >would be useful to test with dig +cd (Checking Disabled) to determine >if it is a DNSSEC problem or not. > >> You can look at targetly.co as one example (should be just an A >> record to 184.168.221.38 but getting SERVFAIL when querying >> 8.8.8.8). > >Works for me > >% dig @8.8.8.8 a targetly.co > >; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @8.8.8.8 a targetly.co >; (1 server found) >;; global options: +cmd >;; Got answer: >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4056 >;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 > >;; OPT PSEUDOSECTION: >; EDNS: version: 0, flags: do; udp: 512 >;; QUESTION SECTION: >;targetly.co. IN A > >;; ANSWER SECTION: >targetly.co. 242 IN A 184.168.221.38 > >;; Query time: 67 msec >;; SERVER: 8.8.8.8#53(8.8.8.8) >;; WHEN: Sun Dec 7 18:07:58 2014 >;; MSG SIZE rcvd: 56 > -- Ken Chase - m...@sizone.org - Toronto Canada
