Schlagwort: DNSSEC

Mysterious DNSSEC

#DNSSEC

I have a zone example.com that stop­ped working all in a sud­den may­be 5 days ago. The aut­ho­ri­ta­ti­ve name­ser­ver only replied “SRVFAIL” and so did all other public resol­vers (OK, I tried 8.8.8.8 and 1.1.1.1)

Accord­ing to the zonefile’s times­tamp and the zone’s seri­al, the­re were no chan­ges after Janu­a­ry 2017.

example.com. IN DS 30744 10 2 73…5D

was wrong, this works:

example.com IN DS 30744 10 2 73…5D

Spot the difference 😉
The­re is no $ORIGIN. Accord­ing to Micha­el W. Lucas ( I always buy IT lite­ra­tu­re at a phar­ma­cy), it hast to be example.com. with a trai­ling dot.
But why the hell it stop­ped working a few days ago?

0