I’m intermittently seeing servfails / timeouts from 188.8.131.52 resolving names for a few zones under
.me.uk. Other zones hosted on the same nameservers, and DNSSEC signed on the same infrastructure, seem to be fine.
$ dig d.timstallard.me.uk @184.108.40.206 +retries=0 ; <<>> DiG 9.16.6-Ubuntu <<>> d.timstallard.me.uk @220.127.116.11 +retries=0 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 30886 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ; EDE: 22 (No Reachable Authority) ;; QUESTION SECTION: ;d.timstallard.me.uk. IN A ;; Query time: 15 msec ;; SERVER: 18.104.22.168#53(22.214.171.124)
(I’d expect this to return
I’ve seen the same issues with
tds.me.uk, which is hosted on the same nameservers, but signed elsewhere. I can also see the same with
example.me.uk, a random choice which uses some other nameservers. All these domains appear to run fine through dnsviz and resolve OK against 126.96.36.199.
In case it helps track this down, I’ve only observed this from LHR; querying against FRA and AMS both seem fine. Let me know if there’s anything else I can check or provide to help investigate.