SERVFAIL for heiconf.uni-heidelberg.de

I noticed that 1.1.1.1 and 1.0.0.1 don’t resolve the domain heiconf.uni-heidelberg.de but return SERVFAIL when looking up this domain.

Here’s the link to the output of the diagnostic tool:

Here’s useful output from a linux machine in my network:

dig heiconf.uni-heidelberg.de @1.1.1.1

; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> heiconf.uni-heidelberg.de @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3003
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de.	IN	A

;; Query time: 25 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mo Mai 11 12:39:13 CEST 2020
;; MSG SIZE  rcvd: 54

dig heiconf.uni-heidelberg.de @1.0.0.1

; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> heiconf.uni-heidelberg.de @1.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 45637
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de.	IN	A

;; Query time: 27 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Mo Mai 11 12:39:21 CEST 2020
;; MSG SIZE  rcvd: 54

dig heiconf.uni-heidelberg.de @8.8.8.8

; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> heiconf.uni-heidelberg.de @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45878
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de.	IN	A

;; ANSWER SECTION:
heiconf.uni-heidelberg.de. 3599	IN	A	129.206.5.165

;; Query time: 24 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mo Mai 11 12:39:27 CEST 2020
;; MSG SIZE  rcvd: 70

dig +short CHAOS TXT id.server @1.1.1.1
"FRA"

dig +short CHAOS TXT id.server @1.0.0.1
"FRA"

Since I’m a new user I couldn’t post this link to DNSViz in my initial post:
https://dnsviz.net/d/heiconf.uni-heidelberg.de/dnssec/

Works here!!! (Buenos Aires - Argentina)

dig heiconf.uni-heidelberg.de @1.1.1.1

; <<>> DiG 9.14.7 <<>> heiconf.uni-heidelberg.de @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62905
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de. IN A

;; ANSWER SECTION:
heiconf.uni-heidelberg.de. 3565 IN A 129.206.5.165

;; Query time: 10 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mon May 11 09:24:51 Hora estßndar de Argentina 2020
;; MSG SIZE rcvd: 95

dig heiconf.uni-heidelberg.de @1.0.0.1

; <<>> DiG 9.14.7 <<>> heiconf.uni-heidelberg.de @1.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18272
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de. IN A

;; ANSWER SECTION:
heiconf.uni-heidelberg.de. 3496 IN A 129.206.5.165

;; Query time: 11 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Mon May 11 09:26:01 Hora estßndar de Argentina 2020
;; MSG SIZE rcvd: 95

Cheers!!!

1 Like

That’s interesting! Unfortunately, the return of SERVFAIL here in Germany has some impact since it’s a service of a German university.

Query … are you getting well to 1.1.1.1 and 1.0.0.1 ???
Please try to perform these steps and post them.

Cheers!!!

I can reach 1.1.1.1 and 1.0.0.1 very well. I use 1.1.1.1 as my upstream DNS provider for my pi-hole instance.
The domain heiconf.uni-heidelberg.de is the first domain that I noticed that couldn’t be resolved. “All” other work fine:

dig community.cloudflare.com @1.1.1.1

; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> community.cloudflare.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46272
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;community.cloudflare.com.	IN	A

;; ANSWER SECTION:
community.cloudflare.com. 256	IN	A	104.16.132.229
community.cloudflare.com. 256	IN	A	104.16.133.229

;; Query time: 19 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mo Mai 11 17:49:06 CEST 2020
;; MSG SIZE  rcvd: 109

dig signal.org @1.1.1.1

; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> signal.org @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25847
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;signal.org.			IN	A

;; ANSWER SECTION:
signal.org.		60	IN	A	52.222.167.169
signal.org.		60	IN	A	52.222.167.83
signal.org.		60	IN	A	52.222.167.100
signal.org.		60	IN	A	52.222.167.7

;; Query time: 161 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mo Mai 11 17:49:54 CEST 2020
;; MSG SIZE  rcvd: 113

How strange… well… I think it’s something that someone from support will have to see… @cs-cf @irtefa

Hi, this doesn’t always work because 129.206.210.127 (dns2.uni-heidelberg.de) returns an a lame delegation:

$ kdig @129.206.210.127 heiconf.uni-heidelberg.de
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 22216
;; Flags: qr rd; QUERY: 1; ANSWER: 0; AUTHORITY: 2; ADDITIONAL: 2

;; QUESTION SECTION:
;; heiconf.uni-heidelberg.de.		IN	A

;; AUTHORITY SECTION:
heiconf.uni-heidelberg.de.	86400	IN	NS	dns.uni-heidelberg.de.
heiconf.uni-heidelberg.de.	86400	IN	NS	dns2.uni-heidelberg.de.

;; ADDITIONAL SECTION:
dns.uni-heidelberg.de.	86400	IN	A	129.206.100.126
dns2.uni-heidelberg.de.	86400	IN	A	129.206.210.127

I’ll try to add a workaround for this zone as well.

For me, it works now.

dig heiconf.uni-heidelberg.de @1.1.1.1

; <<>> DiG 9.11.5-P4-5.1-Debian <<>> heiconf.uni-heidelberg.de @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9968
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;heiconf.uni-heidelberg.de.	IN	A

;; ANSWER SECTION:
heiconf.uni-heidelberg.de. 1483	IN	A	129.206.5.165

;; Query time: 4 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed May 13 14:18:56 CEST 2020
;; MSG SIZE  rcvd: 95

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.