[dns-operations] What's wrong with my domain?
Stephane Bortzmeyer
bortzmeyer at nic.fr
Wed Jul 2 11:44:43 UTC 2014
On Wed, Jul 02, 2014 at 06:29:22AM -0400,
Mohamed Lrhazi <ml623 at georgetown.edu> wrote
a message of 82 lines which said:
> Some DNS
> servers, notably Google's, return SERVFAIL,
When using a validating resolver, like Google's, always test *also*
with +cd (Checking Disabled). If it works with +cd and servfails
without, you can be pretty sure it is a DNSSEC problem (see Mark
Andrews' analysis).
> This dns report says the NS records do not have A records... but they do in
> my zone data.
>
> http://www.dnssy.com/report.php?q=gu.edu
A poor tool, specially because it reacts badly when there are IPv6
addresses. For better tools, see the article in
<http://www.bortzmeyer.org/tests-dns.html> (updates and comments
welcome).
More information about the dns-operations
mailing list