We have to query and compare against NIST time servers for FINRA compliance. This morning I noticed our systems are unable to DNS query the NIST time servers. Neither our local resolvers or google (8.8.8.8) work.
[root@bacall log]# dig @8.8.8.8 time-a-g.nist.gov ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.5 <<>> @8.8.8.8 time-a-g.nist.gov ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 36018 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;time-a-g.nist.gov. IN A ;; Query time: 6 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Mon Jun 14 06:27:45 EDT 2021 ;; MSG SIZE rcvd: 46 [root@bacall log]# dig @8.8.8.8 nist.gov in soa ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.5 <<>> @8.8.8.8 nist.gov in soa ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 17779 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;nist.gov. IN SOA ;; Query time: 5 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Mon Jun 14 06:31:59 EDT 2021 ;; MSG SIZE rcvd: 37 The time servers are documented here: https://tf.nist.gov/tf-cgi/servers.cgi Using the IP addresses work, it look like the nist.gov domain is offline. Matthew Huff | Director of Technical Operations | OTA Management LLC Office: 914-460-4039 mh...@ox.com | www.ox.com ........................................................................................................................................... _______________________________________________ Outages mailing list Outages@outages.org https://puck.nether.net/mailman/listinfo/outages