behavior for cpfoo.com/NS query
Felipe Gasper
felipe at felipegasper.com
Tue Aug 27 16:18:29 UTC 2019
Hello,
I’ve noticed that unbound (1.9.3, built from source) indicates SERVFAIL in response to a cpfoo.com/NS query. (unbound-host -t NS cpfoo.com)
This same query returns a result from `dig +trace`.
Apparently unbound is doing:
./NS - to the root servers
com./A - to the root servers
cpfoo.com./A - to *.gtld-servers.net
cpfoo.com./NS - to cpfoo.com -> SERVFAIL
Putting aside why cpfoo.com is giving SERVFAIL, why does unbound ask the server itself what its authoritative nameserver is? Wouldn’t *.gtld-servers.net be where that query should go?
Thank you!
-Felipe Gasper
Mississauga, Ontario
More information about the Unbound-users
mailing list