[Unbound-users] SERVFAIL and CNAME
Robert Fleischman
rmf at fleischman.net
Fri Aug 19 14:53:38 UTC 2011
I have been having trouble resolving "www.balfour.com"
It appears that ns1.worldnic.com and ns2.worldnic.com (the NS for
www.balfour.com") is returning a CNAME response (pointing off to an
amazon'd name) with the SERVFAIL bit set in the header. It also
(according to dig) sometimes spits back a truncated response requiring
a TCP retry.
This combination of things makes unbound a bit upset. I've seen
discussions of this here:
http://mailman.powerdns.com/pipermail/pdns-dev/2010-October/000886.html
(My guess is that worldnic.com is running PowerDNS)
In practice, sometimes unbound returns the A record, sometimes not!
It appears other recursive servers are much more permissive here.
---
Is there a way to make Unbound "happier" about this name and semi-broken setup?
-Rob
More information about the Unbound-users
mailing list