Hello, I have setup PowerDNS 4.2.0-rc2 through the CentOS 7 repository. Everything works fine except SOA replies in AUTHORITY SECTIONs with DNSSEC enabled. We are testing the domain through the well-known validator Internet.nl and it results in a BOGUS validation. They state that it's because test.nizari.nl is not returning SOA records in the AUTHORITY SECTION.
The following works and returns a proper SOA answer: dig soa nizari.nl dig soa test.nizari.nl @ns1.nizari.nl dig soa test.nizari.nl @1.1.1.1 dig soa test.nizari.nl @8.8.8.8 +cd The following does not work and results in a SERVFAIL: dig soa test.nizari.nl dig soa test.nizari.nl @8.8.8.8 Is this normal behaviour or is there something wrong with my config? The nameservers run simply in a MySQL cluster. pdns.conf: local-address=0.0.0.0 local-ipv6=:: local-port=5300 launch=gmysql,geoip gmysql-host= gmysql-user= gmysql-dbname= gmysql-password= geoip-database-files loglevel=9 enable-lua-records=yes edns-subnet-processing=yes log-dns-queries=yes gmysql-dnssec=yes disable-syslog=yes resolver=8.8.8.8,[2001:4860:4860::8888] If there is something wrong with my config, why does 1.1.1.1 work and 8.8.8.8 not? I see no errors in the logs and all other DNS related stuff is working. DNSVIZ results are OK. Any help or tips can be of use, I have been debugging this for three days now. Thank you for reading!
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
