TXT root records are not working

[desja...@gmail.com]

The continuous problem that's occurring is the TXT records are not showing on Google's DNS servers. 

A test DNS website: https://dnschecker.org/#TXT/roosendaal.nl also shows the problem.

A Windows nslookup test is again displaying the problem:

nslookup -q=TXT

> roosendaal.nl

Server:  google-public-dns-a.google.com

Address:  8.8.8.8

*** google-public-dns-a.google.com can't find roosendaal.nl: Server failed

> roosendaal.nl 4.2.2.1

Server:  [4.2.2.1]

Address:  4.2.2.1

Non-authoritative answer:

roosendaal.nl   text =

        "MS=ms99325298"

roosendaal.nl   text =

        "v=spf1 +a a:prd-mailserver.iburgerzaken.nl a:smtp1.iburgerzaken.nl include:spf.zaaksysteem.nl include:_spf.ezorg.nl ip4:83.217.76.124 ip6:2a00:1c98:10:25:0:0:0:124 ip4:92.42.235.126/32 ip4:92.42.239.114/32 ip4:92.42.235.1/24 ip4:195.88.137.208 ip4:213.201"

        ".213.229 ~all"

>

What can be the cause of this problem? 

[Alex Dupuy]

I always like it when somebody has a new and unusual problem (especially when it is a DNSSEC-related one).

Your TXT records are working now (http://dnsviz.net/d/roosendaal.nl/WoumoA/dnssec/), but not quite a day ago, the DNSSEC signature for the TXT record was bogus (http://dnsviz.net/d/roosendaal.nl/Wop8Ig/dnssec/):

• RRSIG roosendaal.nl/TXT alg 7, id 41090: The cryptographic signature of the RRSIG RR does not properly validate.

I'm not sure what was up with that, but you might want to talk with the TransIP folks running your domain's authoritative name servers so that they can figure out what went wrong and how to make sure it doesn't happen again.