> On Jun 5, 2020, at 3:26 AM, Thomas Mieslinger <[email protected]> wrote:
>
> I have a customer complaining being unable to send/receive email.
>
> https://dnsviz.net/d/sportsproducts.net/dnssec/
>
> shows errors:
> sportsproducts.net/DS: No response was received from the server
> over UDP (tried 12 times). (2001:502:1ca1::30, 2001:503:d414::30,
> 2001:503:eea3::30, UDP_-_NOEDNS_)
>
> sportsproducts.net/NS: No response was received from the server
> over UDP (tried 12 times). (2001:502:1ca1::30, 2001:503:d414::30,
> 2001:503:eea3::30, UDP_-_NOEDNS_)
>
Just to be clear, the "tag" at the end, i.e., "UDP_-_NOEDNS_" is supposed to
help the user understand what query options produced the error, so they can
test it themselves. It's not fully documented, so it's not surprising that
it's confusing. All that it means in this case is that a query was send over
UDP ("UDP") with the RD bit cleared ("-") and no OPT record (NOEDNS), like this:
dig +noedns +ignore @2001:503:eea3::30 sportsproducts.net NS
*That* is the query that produced the error (timeout, in this case). I should
also note that other, full-featured queries were tried previously; the tag just
focuses on the last and simplest query that resulted in the error, to show that
event *that* query couldn't get through.
> From Germany (more specific HE-FRA) I can not reproduce this error.
>
> From us-mkc (as8560): no problem.
Yup, at the moment, dnsviz.net only provides perspective from a single vantage
point.
>
> Answer size reported by dig: 864 (ds)/ 643 (ns)
>
> Anyone an idea what is wrong?
I don't know that there's enough information here to determine what the problem
is here. Some servers are not reachable to retrieve critical records (e.g.,
DS), but that doesn't mean that *all* servers are unreachable.
Casey
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
