On Mon, Jun 10, 2019 at 02:28:46PM +0000, Jukka Pakkanen <jukka.pakka...@qnet.fi> wrote a message of 382 lines which said:
> An example, the client domain is raimoasikainenoy.fi. dig clearly says it's a cookie issue: % dig @193.184.54.212 NS raimoasikainenoy.fi ;; Warning: Client COOKIE mismatch An DNSviz confirms: http://dnsviz.net/d/raimoasikainenoy.fi/dnssec/ Your tests show that it fails only when you use cookies, which is consistent with the above: > ; <<>> DiG 9.14.2 <<>> @ns1.qnet.fi raimoasikainenoy.fi ns ... > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 4096 > ; COOKIE: 55ba199a6d905273458bc2065cfe655462f150936d882603 (good) > ; <<>> DiG 9.14.2 <<>> @8.8.8.8 raimoasikainenoy.fi ns ... > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 512 (Bad Google, no cookies) So, they have broken authoritative name servers. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
