[dns-operations] google DNS doing validation?
Paul Wouters
paul at cypherpunks.ca
Mon Jan 28 17:16:58 UTC 2013
On Mon, 28 Jan 2013, Stephan Lagerholm wrote:
> Not sure about that.
>
> I get the AD bit back but oddly enough, the Swedish deliberately broken site trasigdnssec.se does not servfail on the 8.8.8.8/8.8.4.4 but it does on the google dns v6 address:
>
> stephan at pi:~$ dig @8.8.8.8 trasigdnssec.se +dnssec
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58525
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
fails for me:
paul at bofh:~$ dig +dnssec trasigdnssec.se @8.8.8.8
; <<>> DiG 9.9.2-P1-RedHat-9.9.2-6.P1.fc18 <<>> +dnssec trasigdnssec.se
@8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3541
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
Paul
More information about the dns-operations
mailing list