dnssec resolve lsqzj.net on Google public DNS server fail, but other has not this problem
163 views
Skip to first unread message
chen yulong
May 29, 2024, 9:00:17 AMMay 29
to public-dns-discuss
request lsqzj.net DNSKEY
{
"Status": 2 /* SERVFAIL */,
"TC": false,
"RD": true,
"RA": true,
"AD": false,
"CD": false,
"Question": [
{
"name": "lsqzj.net.",
"type": 48 /* DNSKEY */
}
],
"Comment": "DNSSEC validation failure. Check http://dnsviz.net/d/lsqzj.net/dnssec/ and http://dnssec-debugger.verisignlabs.com/lsqzj.net for errors",
"extended_dns_errors": [
{
"info_code": 6,
"extra_text": "RRSIG with malformed signature found for lsqzj.net/dnskey (keytag=35318)"
}
]
}
Check http://dnsviz.net/d/lsqzj.net/dnssec/ and http://dnssec-debugger.verisignlabs.com/lsqzj.net had no errors and warning
Other public dns server result is right. for example
C:\Users\shoot>dig lsqzj.net +dnssec @1.1.1.1 -t dnskey +short
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. Lf5JZhLGNqDREgoIhUdRLeXyyRBzZdfKq9ye4UvQkcWVAX1C52jWXJc8 ywRvUsPHfuruzenFNX+3PZ3UbIdtoQ==
C:\Users\shoot>dig lsqzj.net +dnssec @4.2.2.4 -t dnskey +short
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. zA25LPbGz9TaRvkMPZKudLVi3TpPqebqkr6LQJva3FWgJ4KTy/jQ189Y QscyOohVjbGaghotE7aQKUgvvXDDiw==
C:\Users\shoot>dig lsqzj.net +dnssec @9.9.9.9 -t dnskey +short
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. LYWN83EwadvVkdI+jK4KmVA7oyqoJDH9tGtjgTJSqFgF8ve0F0CqAVBz uQ4qL8/pDKXMNI55neUSsKgAGbq5rg==
C:\Users\shoot>dig lsqzj.net +dnssec @208.67.222.222 -t dnskey +short
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. t6bl+drjnhwOUKOKYdzP28ox0qKNnHypruPzYsfMqeyeKVRnaa3jEiNB xExuyrFqnw31fLW/Z9Z58osa5fTBlw==
C:\Users\shoot>dig lsqzj.net +dnssec @216.146.35.35 -t dnskey +short
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. I0bGTXorcASPmtC5j9uru9SL6XLkLh/RvNZHVHWOtB42NVxUBA5C+1/I zDL4wjc3K94Q5Tp4IWRvLbNaFYZmvg==
C:\Users\shoot>dig lsqzj.net +dnssec @8.8.8.8 -t dnskey +short
C:\Users\shoot>dig lsqzj.net +dnssec @8.8.8.8 -t dnskey
; <<>> DiG 9.17.12 <<>> lsqzj.net +dnssec @8.8.8.8 -t dnskey
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 38162
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
; EDE: 6 (DNSSEC Bogus): (RRSIG with malformed signature found for lsqzj.net/dnskey (keytag=35318))
;; QUESTION SECTION:
;lsqzj.net. IN DNSKEY
;; Query time: 228 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Wed May 29 15:33:54 ;; MSG SIZE rcvd: 116
Thanks for you helps.
{
"Status": 2 /* SERVFAIL */,
"TC": false,
"RD": true,
"RA": true,
"AD": false,
"CD": false,
"Question": [
{
"name": "lsqzj.net.",
"type": 48 /* DNSKEY */
}
],
"Comment": "DNSSEC validation failure. Check http://dnsviz.net/d/lsqzj.net/dnssec/ and http://dnssec-debugger.verisignlabs.com/lsqzj.net for errors",
"extended_dns_errors": [
{
"info_code": 6,
"extra_text": "RRSIG with malformed signature found for lsqzj.net/dnskey (keytag=35318)"
}
]
}
Check http://dnsviz.net/d/lsqzj.net/dnssec/ and http://dnssec-debugger.verisignlabs.com/lsqzj.net had no errors and warning
Other public dns server result is right. for example
C:\Users\shoot>dig lsqzj.net +dnssec @1.1.1.1 -t dnskey +short
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. Lf5JZhLGNqDREgoIhUdRLeXyyRBzZdfKq9ye4UvQkcWVAX1C52jWXJc8 ywRvUsPHfuruzenFNX+3PZ3UbIdtoQ==
C:\Users\shoot>dig lsqzj.net +dnssec @4.2.2.4 -t dnskey +short
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. zA25LPbGz9TaRvkMPZKudLVi3TpPqebqkr6LQJva3FWgJ4KTy/jQ189Y QscyOohVjbGaghotE7aQKUgvvXDDiw==
C:\Users\shoot>dig lsqzj.net +dnssec @9.9.9.9 -t dnskey +short
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. LYWN83EwadvVkdI+jK4KmVA7oyqoJDH9tGtjgTJSqFgF8ve0F0CqAVBz uQ4qL8/pDKXMNI55neUSsKgAGbq5rg==
C:\Users\shoot>dig lsqzj.net +dnssec @208.67.222.222 -t dnskey +short
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. t6bl+drjnhwOUKOKYdzP28ox0qKNnHypruPzYsfMqeyeKVRnaa3jEiNB xExuyrFqnw31fLW/Z9Z58osa5fTBlw==
C:\Users\shoot>dig lsqzj.net +dnssec @216.146.35.35 -t dnskey +short
257 3 13 D9NmHuXWSB9AYoZP6PLvNEiy+PE/zmanzmV73mWP+UIukuaBw37Qvy6p IQ4rSbqhG1IWZxp11t0KNA93tJjhsQ==
256 3 13 MYDAAEgB4tMcB1HfJCEOG8yooNnJ/K0kB0Sl6dVQg14rT6cSCwraL5+C hF+OjNxo6aZhiV1A0nN4TALFwpU8jQ==
DNSKEY 13 2 3600 20740516052451 20240528052451 35318 lsqzj.net. I0bGTXorcASPmtC5j9uru9SL6XLkLh/RvNZHVHWOtB42NVxUBA5C+1/I zDL4wjc3K94Q5Tp4IWRvLbNaFYZmvg==
C:\Users\shoot>dig lsqzj.net +dnssec @8.8.8.8 -t dnskey +short
C:\Users\shoot>dig lsqzj.net +dnssec @8.8.8.8 -t dnskey
; <<>> DiG 9.17.12 <<>> lsqzj.net +dnssec @8.8.8.8 -t dnskey
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 38162
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
; EDE: 6 (DNSSEC Bogus): (RRSIG with malformed signature found for lsqzj.net/dnskey (keytag=35318))
;; QUESTION SECTION:
;lsqzj.net. IN DNSKEY
;; Query time: 228 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Wed May 29 15:33:54 ;; MSG SIZE rcvd: 116
Thanks for you helps.
Reply all
Reply to author
Forward
0 new messages