Re: unable to resolve *.irs.gov at local bind 9.12.0 server ?

Google’s servers don’t add EDNS options to the queries they make so they don’t see the bogus BADVERS response from the servers. BADVERS should never be returned to a EDNS version 0 query but these servers do when the see a EDNS option. There are also other servers that return BADVERS to any

Re: unable to resolve *.irs.gov at local bind 9.12.0 server ?

On 1/27/18 2:47 PM, Rob Sargent wrote: > you should probably also add these so usitc.gov and sss.gov won’t fail if > they fail for you: > > server 63.150.72.5 { send-cookie no; }; # sauthns1.qwest.net > server 208.44.130.121 { send-cookie no; }; # sauthns2.qwest.net. Done,

Re: unable to resolve *.irs.gov at local bind 9.12.0 server ?

On 1/27/18 1:36 PM, Rob Sargent wrote: Just for grins, try adding these lines to your named.conf file [within the appropriate view] to see if that fixes it. I had to add something like it to get usitc.gov working for my customers: server 152.216.7.164 { send-cookie no; }; #

Re: unable to resolve *.irs.gov at local bind 9.12.0 server ?

On 1/27/18, PGNet Dev wrote: > On 1/27/18 11:33 AM, Lee wrote: >> On 1/27/18, PGNet Dev wrote: >>> I've a local bind 9.12.0 server. Works for virtually all domains. >>> >>> For "irs.gov", it fails, >> >> works for me on a local bind 9.11.2 server: >> $

Re: unable to resolve *.irs.gov at local bind 9.12.0 server ?

On 1/27/18 11:33 AM, Lee wrote: On 1/27/18, PGNet Dev wrote: I've a local bind 9.12.0 server. Works for virtually all domains. For "irs.gov", it fails, works for me on a local bind 9.11.2 server: $ dig a irs.gov. Do you any of // forward first; // forward only; //

Re: unable to resolve *.irs.gov at local bind 9.12.0 server ?

On 1/27/18, PGNet Dev wrote: > I've a local bind 9.12.0 server. Works for virtually all domains. > > For "irs.gov", it fails, works for me on a local bind 9.11.2 server: $ dig a irs.gov. ; <<>> DiG 9.11.2 <<>> a irs.gov. ;; global options: +cmd ;; Got answer: ;;

Re: unable to resolve *.irs.gov at local bind 9.12.0 server ?

> Works for me, try figuring out if you have a routing problem getting to > ns[1234].irs.gov. Hm. I've traceroute'd from my local network, & from 2 separate VPNs. I.e., disparate, unrelated nets. All 3 fail at the same points. E.g. at qwest.net, traceroute to ns1.irs.gov

unable to resolve *.irs.gov at local bind 9.12.0 server ?

I've a local bind 9.12.0 server. Works for virtually all domains. For "irs.gov", it fails, dig A irs.gov ; <<>> DiG 9.12.0 <<>> A irs.gov ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: