[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[public-dns-discuss] Re: public DNS 8.8.8.8 not resolve my subdomain



On Tuesday, August 14, 2018 at 8:44:24 PM UTC, bar... AT gmail.com wrote:
Hello
i have PowerDNS at my whm/cpanel server, and created cpanel for subdomain.
if i try query form other dns my subdomain can resolve but query via 8.8.8.8 server fail/
my subdomain is sumut.apjii.or.id, this subdomain have different zone from main domain.
root@mawar:~# dig @8.8.8.8 sumut.apjii.or.id

; <<>> DiG 9.9.5-9+deb8u15-Debian <<>> @8.8.8.8 sumut.apjii.or.id
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;sumut.apjii.or.id.             IN      A

;; Query time: 79 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Aug 14 22:39:57 WIB 2018
;; MSG SIZE  rcvd: 46

with another dns
root@mawar:~# dig @208.67.222.222 sumut.apjii.or.id

; <<>> DiG 9.9.5-9+deb8u15-Debian <<>> @208.67.222.222 sumut.apjii.or.id
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50499
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;sumut.apjii.or.id.             IN      A

;; ANSWER SECTION:
sumut.apjii.or.id.      14400   IN      A       203.119.13.140

;; Query time: 33 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Tue Aug 14 22:40:12 WIB 2018
;; MSG SIZE  rcvd: 62

but if i try using +trace my subdomain got result/pass"

trying for find a error but can found it :( ty for help

208.67.222.222 and "dig +trace" don't validate DNSSEC.

Apparently the NSEC3 record equivalent to "dig +dnssec sumut.apjii.or.id ds" is invalid:

http://dnsviz.net/d/sumut.apjii.or.id/W3N__g/dnssec/

I'm not sure what to do, but "sudo pdnsutil rectify-zone apjii.or.id" may be worth a shot.

--
--
========================================================
You received this message because you are subscribed to the Google
Groups "public-dns-discuss" group.
To post to this group, send email to public-dns-discuss AT googlegroups.com
To unsubscribe from this group, send email to
public-dns-discuss+unsubscribe AT googlegroups.com
For more options, visit this group at
http://groups.google.com/group/public-dns-discuss
For more information on Google Public DNS, please visit
http://developers.google.com/speed/public-dns
========================================================
---
You received this message because you are subscribed to the Google Groups "public-dns-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public-dns-discuss+unsubscribe AT googlegroups.com.
For more options, visit https://groups.google.com/d/optout.