behavior for cpfoo.com/NS query

Felipe Gasper felipe at felipegasper.com
Tue Aug 27 17:48:13 UTC 2019


This domain appears to be incorrectly configured. Please accept my apologies for the noise.

-FG


> On Aug 27, 2019, at 12:18 PM, Felipe Gasper via Unbound-users <unbound-users at nlnetlabs.nl> wrote:
> 
> Hello,
> 
> 	I’ve noticed that unbound (1.9.3, built from source) indicates SERVFAIL in response to a cpfoo.com/NS query. (unbound-host -t NS cpfoo.com)
> 
> 	This same query returns a result from `dig +trace`.
> 
> 	Apparently unbound is doing:
> 
> ./NS           - to the root servers
> com./A         - to the root servers
> cpfoo.com./A   - to *.gtld-servers.net
> cpfoo.com./NS  - to cpfoo.com -> SERVFAIL
> 
> 	Putting aside why cpfoo.com is giving SERVFAIL, why does unbound ask the server itself what its authoritative nameserver is? Wouldn’t *.gtld-servers.net be where that query should go?
> 
> 	Thank you!
> 
> -Felipe Gasper
> Mississauga, Ontario




More information about the Unbound-users mailing list