[Unbound-users] Unbound 1.4.8 returns sporadic SERVFAIL -- solved
Jan-Piet Mens
unbound at mens.de
Fri Feb 25 21:47:11 UTC 2011
Wouter,
> The NS record is bogus. When it finds out the NS record is
> bogus, unbound refuses to talk to those nameservers.
Paul Wouters was right: the zone content was bad, and Andreas spotted
the cause: multiple RRSIGs on the NS RRset. My pdns signer erroneously
created them, but that has just been fixed in r2053.
I thought it was Unbound only, because neither BIND nor [1], [2], or [3]
hinted that something was wrong. That worries me.
Thank you all,
-JP
[1] http://dnssec-debugger.verisignlabs.com/
[2] http://dnsviz.net/
[3] http://dnscheck.iis.se/
More information about the Unbound-users
mailing list