I noticed that 1.1.1.1 and 1.0.0.1 don’t resolve the domain heiconf.uni-heidelberg.de but return SERVFAIL when looking up this domain.
Here’s the link to the output of the diagnostic tool:
Here’s useful output from a linux machine in my network:
dig heiconf.uni-heidelberg.de @1.1.1.1
; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> heiconf.uni-heidelberg.de @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3003
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de. IN A
;; Query time: 25 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mo Mai 11 12:39:13 CEST 2020
;; MSG SIZE rcvd: 54
dig heiconf.uni-heidelberg.de @1.0.0.1
; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> heiconf.uni-heidelberg.de @1.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 45637
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de. IN A
;; Query time: 27 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Mo Mai 11 12:39:21 CEST 2020
;; MSG SIZE rcvd: 54
dig heiconf.uni-heidelberg.de @8.8.8.8
; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> heiconf.uni-heidelberg.de @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45878
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de. IN A
;; ANSWER SECTION:
heiconf.uni-heidelberg.de. 3599 IN A 129.206.5.165
;; Query time: 24 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mo Mai 11 12:39:27 CEST 2020
;; MSG SIZE rcvd: 70
dig +short CHAOS TXT id.server @1.1.1.1
"FRA"
dig +short CHAOS TXT id.server @1.0.0.1
"FRA"
Since I’m a new user I couldn’t post this link to DNSViz in my initial post:https://dnsviz.net/d/heiconf.uni-heidelberg.de/dnssec/
Works here!!! (Buenos Aires - Argentina)
dig heiconf.uni-heidelberg.de @1.1.1.1
; <<>> DiG 9.14.7 <<>> heiconf.uni-heidelberg.de @1.1.1.1
;; OPT PSEUDOSECTION:heiconf.uni-heidelberg.de . IN A
;; ANSWER SECTION:heiconf.uni-heidelberg.de . 3565 IN A 129.206.5.165
;; Query time: 10 msec
dig heiconf.uni-heidelberg.de @1.0.0.1
; <<>> DiG 9.14.7 <<>> heiconf.uni-heidelberg.de @1.0.0.1
;; OPT PSEUDOSECTION:heiconf.uni-heidelberg.de . IN A
;; ANSWER SECTION:heiconf.uni-heidelberg.de . 3496 IN A 129.206.5.165
;; Query time: 11 msec
Cheers!!!
1 Like
That’s interesting! Unfortunately, the return of SERVFAIL here in Germany has some impact since it’s a service of a German university.
Query … are you getting well to 1.1.1.1 and 1.0.0.1 ???
Here are some tips for troubleshooting if you are having issues using Cloudflare’s Resolver. Please take a moment to review them along with the information that will help us to understand and help diagnose any issues. There are two sections to this guide. The first is for troubleshooting name resolution errors/issues and the second is for unreachability or routing issues.
New Diagnostic Tool We have a new diagnostic tool which can help gather some of the information requested below. If you copy…
Cheers!!!
I can reach 1.1.1.1 and 1.0.0.1 very well. I use 1.1.1.1 as my upstream DNS provider for my pi-hole instance.heiconf.uni-heidelberg.de is the first domain that I noticed that couldn’t be resolved. “All” other work fine:
dig community.cloudflare.com @1.1.1.1
; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> community.cloudflare.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46272
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;community.cloudflare.com. IN A
;; ANSWER SECTION:
community.cloudflare.com. 256 IN A 104.16.132.229
community.cloudflare.com. 256 IN A 104.16.133.229
;; Query time: 19 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mo Mai 11 17:49:06 CEST 2020
;; MSG SIZE rcvd: 109
dig signal.org @1.1.1.1
; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> signal.org @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25847
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;signal.org. IN A
;; ANSWER SECTION:
signal.org. 60 IN A 52.222.167.169
signal.org. 60 IN A 52.222.167.83
signal.org. 60 IN A 52.222.167.100
signal.org. 60 IN A 52.222.167.7
;; Query time: 161 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mo Mai 11 17:49:54 CEST 2020
;; MSG SIZE rcvd: 113
How strange… well… I think it’s something that someone from support will have to see… @cs-cf @irtefa
Hi, this doesn’t always work because 129.206.210.127 (dns2.uni-heidelberg.de ) returns an a lame delegation:
$ kdig @129.206.210.127 heiconf.uni-heidelberg.de
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 22216
;; Flags: qr rd; QUERY: 1; ANSWER: 0; AUTHORITY: 2; ADDITIONAL: 2
;; QUESTION SECTION:
;; heiconf.uni-heidelberg.de. IN A
;; AUTHORITY SECTION:
heiconf.uni-heidelberg.de. 86400 IN NS dns.uni-heidelberg.de.
heiconf.uni-heidelberg.de. 86400 IN NS dns2.uni-heidelberg.de.
;; ADDITIONAL SECTION:
dns.uni-heidelberg.de. 86400 IN A 129.206.100.126
dns2.uni-heidelberg.de. 86400 IN A 129.206.210.127
I’ll try to add a workaround for this zone as well.
For me, it works now.
dig heiconf.uni-heidelberg.de @1.1.1.1
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> heiconf.uni-heidelberg.de @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9968
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de. IN A
;; ANSWER SECTION:
heiconf.uni-heidelberg.de. 1483 IN A 129.206.5.165
;; Query time: 4 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed May 13 14:18:56 CEST 2020
;; MSG SIZE rcvd: 95
system
June 12, 2020, 12:19pm
#10
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.