[Opendnssec-user] SOA queries -> ServFail?
yuri at nlnetlabs.nl
Wed May 31 08:38:30 UTC 2017
> Turns out that this is in response to the SOA queries it issues:
> 14:49:39.571605 IP xxxx.42494 > yyyy.domain: 21758 [2au] SOA? 58.39.128.in-addr.arpa. (140)
> 14:49:39.572698 IP yyyy.domain > xxxx.42494: 21758 ServFail- 0/0/2 (140)
> Is this expected behaviour, i.e. are SOA queries not part of the
> reportoire which OpenDNSSEC implements? If so, that's a surprise...
OpenDNSSEC should respond to SOA queries. There are a couple of cases
where it isn't able to. See the soa request function . Maybe the zone
is expired? In any case you should find some hint in the logs of the
signer. grep for "[axfr]" in combination with "58.39.128.in-addr.arpa".
This should, according to the code provide some additional information.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 195 bytes
Desc: OpenPGP digital signature
More information about the Opendnssec-user