On Thu, Sep 22, 2022 at 11:40:35AM +0200, Leeflangetje via Pdns-users wrote:
> Thank you for digging into the issue with that domain :)
>
> The reason we never encountered this before the upgrade to 4.6 must be
> the change in default behaviour regarding dnssec , which went from
>
Thank you for digging into the issue with that domain :)
The reason we never encountered this before the upgrade to 4.6 must be
the change in default behaviour regarding dnssec , which went from
"process-no-validate" to "process", I assume.
(We came from 4.2)
On Thu, 2022-09-22 at 10:26 +0200,
True, TCP is broken as well.
Am 22. September 2022 10:01:58 MESZ schrieb Otto Moerbeek :
>On Thu, Sep 22, 2022 at 09:41:57AM +0200, abang--- via Pdns-users wrote:
>
>> The "NSEC3 proving non-existence" of this zone is broken. See
>> https://dnsviz.net/d/riecis.nl/dnssec/?rr=all=all=all=on=.=
>>
On Thu, Sep 22, 2022 at 09:41:57AM +0200, abang--- via Pdns-users wrote:
> The "NSEC3 proving non-existence" of this zone is broken. See
> https://dnsviz.net/d/riecis.nl/dnssec/?rr=all=all=all=on=.=
>
> You can workaround this issue by setting a NTA for it on your Recursors. It
> is
When trying to check this domain I get an occasinal error:
$ dig @1.1.1.1 riecis.nl
; <<>> dig 9.10.8-P1 <<>> @1.1.1.1 riecis.nl
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30228
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1,
The "NSEC3 proving non-existence" of this zone is broken. See
https://dnsviz.net/d/riecis.nl/dnssec/?rr=all=all=all=on=.=
You can workaround this issue by setting a NTA for it on your Recursors. It is
recommended to inform the owner of the zone in order to fix the root cause.
Winfried
Am
Hi,
Since we upgraded to pdns-recursor 4.6 we sometimes experience some
weird behaviour with queries via pdns-recursor.
Sometimes, when a previously queried record expires through it's TTL,
the recursor does not provide an answer anymore, until it's restarted.
Unfortunately I am not able to
