[Unbound-users] .PR servfails with Unbound but not with BIND

Stephane Bortzmeyer bortzmeyer at nic.fr
Tue Sep 8 15:08:23 UTC 2009 

% dig SOA pr.

; <<>> DiG 9.5.1-P3 <<>> SOA pr.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 940
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pr.				IN	SOA

;; Query time: 21 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Sep  8 17:06:58 2009
;; MSG SIZE  rcvd: 31




% dig +cd +dnssec SOA pr.

; <<>> DiG 9.5.1-P3 <<>> +cd +dnssec SOA pr.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62970
;; flags: qr rd ra cd; QUERY: 1, ANSWER: 2, AUTHORITY: 6, ADDITIONAL: 7

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;pr.				IN	SOA

;; ANSWER SECTION:
pr.			86150	IN	SOA	pascal.nic.pr. tech.nic.pr. 2009090836 1200 900 1209600 3600
pr.			86150	IN	RRSIG	SOA 5 1 86400 20091008120105 20090908120105 62607 pr. VIiEZemSfxbg23K3vROW8ZEB2QYoVfcfqP+gZ0Ge88MsIDVfx5NZpP1t b0PDUa9hTRClxeWdK6ofzYB09YVLlSNC9FsM1Qrr17M+taTMid02tEyv sSQmUayY3GuN2UftFnsKpDVzVP39m/2uQP32hgDQLYJns3Kw9/8wiQH1 Cbk=

;; AUTHORITY SECTION:
pr.			86076	IN	NS	pr-dns.denic.de.
pr.			86076	IN	NS	descartes.nic.pr.
pr.			86076	IN	NS	pr-ns.anycast.pch.net.
pr.			86076	IN	NS	golomb.nic.pr.
pr.			86076	IN	NS	pascal.nic.pr.
pr.			86076	IN	RRSIG	NS 5 1 86400 20091008120105 20090908120105 62607 pr. gSDrvv6tK5tKyMq5hvSdbwsmtiopjGlSKxoOP/AqS6YzfWVl6WF96eX/ oa5EW1Uu0cLpJLhvBp4jYFDGMyBXGL6uIKn4HoC7d2eUyREhJR/a7KRo GcJ5oyyc6rr/449ou1tZYsIdl+wNZ0Kv6mZ27C1gUC+VqzsF96B7QQr8 PrI=

;; ADDITIONAL SECTION:
golomb.nic.pr.		281	IN	A	134.202.6.100
pascal.nic.pr.		281	IN	A	134.202.0.120
descartes.nic.pr.	281	IN	A	134.202.1.120
golomb.nic.pr.		281	IN	RRSIG	A 5 3 300 20091008120136 20090908120136 25188 nic.pr. WSg4gWYk2E7CNlz5OO+r9ucUuyzxKfO4iLls1U/bVllASRNW+AUPrOBI A6w9aAAoCNyvvDcUISauGTFfPZItsd/1SEB+YrIoddVq8k+HhKEJa0oO 5a/E5DUagRl8u1AhS4SLFXoH+6dOqMV20fKEnFvzTJ6hkJAQFaduthwj U2c=
pascal.nic.pr.		281	IN	RRSIG	A 5 3 300 20091008120136 20090908120136 25188 nic.pr. abpgt+cI54VYatNI16UTOnouVowHUqiwb5SAbq6j0n4xVxmrMLTTaUG5 QzdbluTMhykCfbkX2RQzq5no5aM8U8cXQPJ3MNBAtPzzTzsOkrV7hanc M3YVT10dm5odwNk8cK1ks+S0yFwv8WlRcdJUeqqOUjeTkr1SZ0NXjG9q VV4=
descartes.nic.pr.	281	IN	RRSIG	A 5 3 300 20091008120136 20090908120136 25188 nic.pr. mIaBbAIVL5F7K3VSfqcZq2A43aDsOZCI9BfyywTAvf/gXYWbAiCRKSDL gtEvSSU0cG54N8IrYNk1y8Epu+PZp4aIPpbhsUlGDzwGD2MsqlvelIOG j9EXfYrpxVYQLynIkmNT4STwf2YRRWoAJ5tqk+U3qWJ2JRH59OVZq2l3 QJ0=

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Sep  8 17:07:17 2009
;; MSG SIZE  rcvd: 1076


I get the key through DLV.


% dig DLV pr.dlv.isc.org.

; <<>> DiG 9.5.1-P3 <<>> DLV pr.dlv.isc.org.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48135
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 6, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pr.dlv.isc.org.			IN	DLV

;; ANSWER SECTION:
pr.dlv.isc.org.		3255	IN	DLV	62704 5 2 57E017A982196D194B3F52CDD39F86A9A33DED75064F285A9242BA7A 448A659C
pr.dlv.isc.org.		3255	IN	DLV	62704 5 1 AFA72CB11D4C97657D82338AF6D569ED614166EB

;; AUTHORITY SECTION:
dlv.isc.org.		3570	IN	NS	dlv.sfba.sns-pb.isc.org.
dlv.isc.org.		3570	IN	NS	dlv.ams.sns-pb.isc.org.
dlv.isc.org.		3570	IN	NS	ns1.isc.ultradns.net.
dlv.isc.org.		3570	IN	NS	ns.isc.afilias-nst.info.
dlv.isc.org.		3570	IN	NS	dlv.ord.sns-pb.isc.org.
dlv.isc.org.		3570	IN	NS	ns2.isc.ultradns.net.

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Sep  8 17:07:38 2009
;; MSG SIZE  rcvd: 290



% dig +cd DNSKEY pr.

; <<>> DiG 9.5.1-P3 <<>> +cd DNSKEY pr.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26009
;; flags: qr rd ra cd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pr.				IN	DNSKEY

;; ANSWER SECTION:
pr.			86045	IN	DNSKEY	256 3 5 BQEAAAABvS8Q64q8v62DW3y4EtUmsHr0dpU9Mizo63NXFMlEA4UaO88s B5il79MbJ0dzmRZ7M+j/E5pVSTTazJsK6LMnncBF3bwMWo4/nVVB0d9E 6CsClsJFU+A0a8kWIZ+aXuqUHO7QZ88qG7cwLbTNwHeo1X+ArvXgXmU6 OaemL3v5+eU=
pr.			86045	IN	DNSKEY	257 3 5 AwEAAeDPv9lQ7Ej5Ld9Fz/FKLhdOajwtEXsWykj65ugIa4Di1nY6ti9n dkeR4kp1aSNlvf6N7KsjunfMJj4SccBwcY77DrxmQ+g9nI09ePMZvxF2 U63Lv9BftGaIguYdkYZVSwHd1q7DdXqNkLaD4tZEHiN0h/3wBdTQUPH1 IoskD1vGxiPw2egftk6sVQdvOJWaAgSpmG0eq+/e90WVTNX4/xhA17Pr dQQJIheZQ3+EsDoil8kyJZC12KoHYpFklx7+aCiR2u8Fumy6ARFR4PP0 n7bnBaKOgMpVzz+KI79a3USDkj9RhNog50iSWgaBM75Xu0IBNEpcCVYZ YjwDESgiDXc=
pr.			86045	IN	DNSKEY	256 3 5 AwEAAZpi4OSTiCcMfLUCj+d8Ps3xB1egdn38I2EdHxoKxutS79EAHdFT iauogWygbKLhOUYgorqWzM8XBMkXabN7tof6SDiL7v13NL7rr1TuG1GY GOh66ZBF8BpGieufNb3Fzvc3addcbkw0iAf6bsbBgOWJ74xOErPPYGUs TPRcUfor

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Sep  8 17:07:48 2009
;; MSG SIZE  rcvd: 605


Unbound 1.3.2. A BIND resolver has no problem.

More information about the Unbound-users mailing list