[dns-operations] dnssec-failed.org and dns.google
A. Schulze
sca at andreasschulze.de
Wed Aug 14 06:27:54 UTC 2019
Hello,
dnssec-failed.org is widely used to proof dnssec validation is in place.
If someone can reach the domains webserver, the resolver behind the
scene doesn't validate.
now my monitoring alerted me about an unexpected answer:
dig @8.8.8.8 dnssec-failed.org. +aaonly
; <<>> DiG 9.10.3-P4-Debian <<>> @8.8.8.8 dnssec-failed.org. +aaonly
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54820
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;dnssec-failed.org. IN A
;; ANSWER SECTION:
dnssec-failed.org. 7199 IN A 69.252.80.75
;; Query time: 123 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Aug 14 08:25:54 CEST 2019
;; MSG SIZE rcvd: 62
Andreas
More information about the dns-operations
mailing list