[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google Public DNS Problems?
- Subject: Google Public DNS Problems?
- From: jabley at hopcount.ca (Joe Abley)
- Date: Wed, 1 May 2013 12:34:01 -0400
- In-reply-to: <[email protected]om>
- References: <[email protected]om>
On 2013-05-01, at 12:09, Blair Trosper <blair.trosper at gmail.com> wrote:
> Is anyone else seeing this? From Santa Clara, CA, on Comcast
> Business...I'm getting SERVFAIL for any query I throw at 188.8.131.52 and
> Level 3's own public resolvers are fine for me, as are OpenDNS's resolvers.
Google just turned on validation across the whole of 184.108.40.206 and 220.127.116.11. The expected behaviour in the case where a response does not validate is to return SERVFAIL to the client.
You could check that the queries you are sending are not suffering from poor signing hygiene (e.g. use the handy-dandy dnsviz.net visualisation).
If this is a repeatable, consistent problem even for unsigned zones (or for zones that you've verified are signed correctly) and especially if it's widespread you might want to call google on the nanog courtesy phone and have them look for collateral damage from their recent foray into 18.104.22.168 validation.
Raw output from dig/drill and traceroutes to 22.214.171.124/126.96.36.199 are highly recommended if you need to take this further.