[dns-operations] google DNS doing validation?
Robert Edmonds
edmonds at isc.org
Mon Jan 28 18:08:50 UTC 2013
Paul Wouters wrote:
> On Mon, 28 Jan 2013, Robert Edmonds wrote:
>
> >can 8.8.8.8 be used behind a validating forwarder now? the last time i
> >tried that it didn't work (i think there was some difficulty with
> >locating DS records), but that was a while ago.
>
> That was fixed about a year ago....
about a year ago was when i last tested it, and there were problems
locating DS records (specifically, DS records in TLDs, iirc).
; <<>> DiG 9.9.0b2 <<>> @8.8.8.8 -t ds com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 59537
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;com. IN DS
;; Query time: 112 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Feb 8 11:42:55 2012
;; MSG SIZE rcvd: 32
which works now:
; <<>> DiG 9.8.4-P1 <<>> @8.8.8.8 -t ds com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34500
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;com. IN DS
;; ANSWER SECTION:
com. 19085 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
;; Query time: 12 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 28 13:04:17 2013
;; MSG SIZE rcvd: 69
--
Robert Edmonds
edmonds at isc.org
More information about the dns-operations
mailing list