Hi all,
I am trying to reach out to the DNS operators of dns.com as the email
from the SOA yielded no response.
My issue is that some middlebox or their nameservers are silently
dropping all requests that contain a query for a DS record.
e.g. dig DS dns.com @m1.dns.com will run into a timeout, there will be
no DNS response packet whatsoever.
This leads to e.g. unbound and powerdns marking these servers as
unresponsive, which makes it impossible to resolve any zones hosted on
these auth. servers.
The technical issue is understood on my side and I found a possible
workaround, but I am trying to reach out to them to get this issue fixed
at the root of the problem.
So if somebody knows somebody please let me know or forward this
message, I am happy to discuss the issue in more detail off-list with
the operators involved.
Cheers,
Florian
[The query above is just a quick way to reproduce the issue, it is
pointless to discuss at this point if that DS record belongs in that
zone or to discuss how DNSSEC works etc.]
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
