since I use I often get DNS_PROBE_FINISHED_NXDOMAIN in Chrome. When switching back to everything works fine.

Any idea why? An example site is https://www.corsicaferries.biz


Usually it’s the case that the authoritative DNS servers are broken in some ways, e.g. http://dnsviz.net/d/www.corsicaferries.biz/WtTHBQ/dnssec/

Knot-resolver is apparently a little more sensitive to some issues than some other implementations.


Neither of the nameservers for corsicaferries.com (or corsica-ferries.fr) supports EDNS properly (and half of the nameservers are broken completely). We’ll add overrides to disable most DNS protocol features for their nameservers to make it work at least.


Thanks, When will this be live?


Hi, I just pushed the overrides out, so the website should be resolving.


I believe this problem is bigger. There are too many sites not reachable. Even CNN Philippines: http://www.cnnphilippines.com


Works for me in my browser and dig:


Yes now it is working for me, too. But I get these NX error messages often. I don’t get them with the Google DNS…


I’m getting this with a different domain, ISP’s DNS returns the correct DNS but is returning null values: =
; <<>> DiG 9.10.6 <<>> ns muirfieldtravel.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 57056
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;muirfieldtravel.com.		IN	NS

;; Query time: 47 msec
;; WHEN: Wed May 09 08:53:15 BST 2018
;; MSG SIZE  rcvd: 37


; <<>> DiG 9.10.6 <<>> ns muirfieldtravel.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33113
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 9

; EDNS: version: 0, flags:; udp: 512
;muirfieldtravel.com.		IN	NS

muirfieldtravel.com.	172489	IN	NS	ns-208.awsdns-26.com.
muirfieldtravel.com.	172489	IN	NS	ns-526.awsdns-01.net.
muirfieldtravel.com.	172489	IN	NS	ns-1305.awsdns-35.org.
muirfieldtravel.com.	172489	IN	NS	ns-1994.awsdns-57.co.uk.

ns-1305.awsdns-35.org.	151397	IN	A
ns-1305.awsdns-35.org.	156869	IN	AAAA	2600:9000:5305:1900::1
ns-1994.awsdns-57.co.uk. 146038	IN	A
ns-1994.awsdns-57.co.uk. 161919	IN	AAAA	2600:9000:5307:ca00::1
ns-208.awsdns-26.com.	150592	IN	A
ns-208.awsdns-26.com.	154979	IN	AAAA	2600:9000:5300:d000::1
ns-526.awsdns-01.net.	147008	IN	A
ns-526.awsdns-01.net.	156077	IN	AAAA	2600:9000:5302:e00::1

;; Query time: 61 msec
;; WHEN: Wed May 09 08:57:41 BST 2018
;; MSG SIZE  rcvd: 361