Re: [Unbound-users] Cannot resolve the MX for bk.bund.de using unbound

Thu, 13 Dec 2012 01:30:53 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Ralf,

On 12/13/2012 10:12 AM, Ralf Hildebrandt wrote:
>>> Good question, works fine here ;-)
>> 
>> It looks like their RRSIGs got resigned today, so perhaps there
>> were expired or not-yet valid RRSIGs? Or a botched key rollover?
>> 
>> It seems to work fine now.
> 
> I'm still having problems:
> 
> root@mail2:~# dig @127.0.0.1 -t mx bk.bund.de
> 
> ; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 -t mx bk.bund.de ; (1 server
> found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<-
> opcode: QUERY, status: SERVFAIL, id: 48547 ;; flags: qr rd ra;
> QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION: ;bk.bund.de. IN MX
> 
> ;; Query time: 25 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN:
> Thu Dec 13 10:12:01 2012 ;; MSG SIZE  rcvd: 28
> 
> How can I debug this further?

If you do dnssec validation, set the val-log-level: 2 in unbound.conf.
Then it prints detailed errors about what goes wrong (and reload or
restart unbound).

You can get diagnostics out of unbound-control.  With lookup bund.de
and dump_infra | grep <ip of bund.de nameservers that you saw in lookup>

If it still fails, increase the verbosity level to gain more information.

Best regards,
   Wouter


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBAgAGBQJQyZ+aAAoJEJ9vHC1+BF+Nwo8P+gO3EMklYAA3yqzFPqtBK1/T
n/JQuTaGfCYSz/aeaVuCH4l4eTHO+WnasxDfiWgBrtF2cvxRADBn40xpbaOlytgw
dwqGJfIDeCji6oT/nVraMyswvXt6Y3x7eYxDgaKGhZZOOYHJ1+QGPalU033m6WNf
Za7SmhnDWqEbXzAuJhDB/iR6DRjNv+NxqMfTzw9y/6WyIYQJp4mcc0651P1Myxm/
K7Yaa1JpOqeNmjcYIMZNQomDy7vZnpubm7L2OKKEZ+olApvFP5Cl17kVQp+23NWW
+t5V4XVAbY7C8yZFvN0LrBL2q3w7m7BPlzqxjPzNuONjVW7MXjXBkss6WKOoL3IT
3eSVGNIchkZ4sVLv+Rb18aPK9QPahhtBisRUmHe4Q5KAspayhkZ1kmth27QXO7y9
NOwyzT9I6H1AA9Q6bYCIMtUMGdQABRvXoC28qc/XEfNn3p3QPChK8Frkz1rWR5yf
CZB3dE6zvxolVSWs45aORZYUNDnwaIzb2LLXNS6QXMETKDj0Z9pBgOTY5PufYCZX
r7QWAij2hbouK7Hf1ohdRUQmaMK908vFf7vt506H7hMe7JZnozHseSiRKA3PpKc5
/etUei933mD1cTVrX5HPkHm6tCA4awpyifvnJPuUrQCPDkAk//PBf+5C2ovP1q3o
5bPBAV/tJGC8X6tOwcWB
=gPFA
-----END PGP SIGNATURE-----
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

Reply via email to