public DNS 8.8.8.8 not resolve my subdomain
94 views
Skip to first unread message
bar...@gmail.com
Aug 14, 2018, 4:44:24 PM8/14/18
to public-dns-discuss
Hello
i have PowerDNS at my whm/cpanel server, and created cpanel for subdomain.
if i try query form other dns my subdomain can resolve but query via 8.8.8.8 server fail/
my subdomain is sumut.apjii.or.id, this subdomain have different zone from main domain.
root@mawar:~# dig @8.8.8.8 sumut.apjii.or.id
; <<>> DiG 9.9.5-9+deb8u15-Debian <<>> @8.8.8.8 sumut.apjii.or.id
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;sumut.apjii.or.id. IN A
;; Query time: 79 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Aug 14 22:39:57 WIB 2018
;; MSG SIZE rcvd: 46
; <<>> DiG 9.9.5-9+deb8u15-Debian <<>> @8.8.8.8 sumut.apjii.or.id
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;sumut.apjii.or.id. IN A
;; Query time: 79 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Aug 14 22:39:57 WIB 2018
;; MSG SIZE rcvd: 46
with another dns
root@mawar:~# dig @208.67.222.222 sumut.apjii.or.id
; <<>> DiG 9.9.5-9+deb8u15-Debian <<>> @208.67.222.222 sumut.apjii.or.id
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50499
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;sumut.apjii.or.id. IN A
;; ANSWER SECTION:
sumut.apjii.or.id. 14400 IN A 203.119.13.140
;; Query time: 33 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Tue Aug 14 22:40:12 WIB 2018
;; MSG SIZE rcvd: 62
; <<>> DiG 9.9.5-9+deb8u15-Debian <<>> @208.67.222.222 sumut.apjii.or.id
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50499
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;sumut.apjii.or.id. IN A
;; ANSWER SECTION:
sumut.apjii.or.id. 14400 IN A 203.119.13.140
;; Query time: 33 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Tue Aug 14 22:40:12 WIB 2018
;; MSG SIZE rcvd: 62
but if i try using +trace my subdomain got result/pass"
trying for find a error but can found it :( ty for help
Matt Nordhoff
Aug 14, 2018, 9:28:51 PM8/14/18
to public-dns-discuss
208.67.222.222 and "dig +trace" don't validate DNSSEC.
Apparently the NSEC3 record equivalent to "dig +dnssec sumut.apjii.or.id ds" is invalid:
I'm not sure what to do, but "sudo pdnsutil rectify-zone apjii.or.id" may be worth a shot.
Reply all
Reply to author
Forward
0 new messages