SERVFAIL for www.kyb.mpg.de

1.1.1.1 and 1.0.0.1 return SERVFAIL when trying to resolve the domain www.kyb.mpg.de. Google’s 8.8.8.8 is resolving it fine.

dig www.kyb.mpg.de @1.1.1.1

; <<>> DiG 9.16.20-RH <<>> www.kyb.mpg.de @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 38504
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 6 (DNSSEC Bogus)
;; QUESTION SECTION:
;www.kyb.mpg.de.			IN	A

;; Query time: 55 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed Sep 08 21:30:16 CEST 2021
;; MSG SIZE  rcvd: 49
dig www.kyb.mpg.de @1.0.0.1

; <<>> DiG 9.16.20-RH <<>> www.kyb.mpg.de @1.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 13514
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 6 (DNSSEC Bogus)
;; QUESTION SECTION:
;www.kyb.mpg.de.			IN	A

;; Query time: 52 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Wed Sep 08 21:35:39 CEST 2021
;; MSG SIZE  rcvd: 49
dig www.kyb.mpg.de @8.8.8.8

; <<>> DiG 9.16.20-RH <<>> www.kyb.mpg.de @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46916
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.kyb.mpg.de.			IN	A

;; ANSWER SECTION:
www.kyb.mpg.de.		21600	IN	CNAME	npsw-www.mpg.de.
npsw-www.mpg.de.	3600	IN	A	134.76.31.205

;; Query time: 65 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Sep 08 21:36:40 CEST 2021
;; MSG SIZE  rcvd: 82
dig +short CHAOS TXT id.server @1.1.1.1
"FRA"

dig +short CHAOS TXT id.server @1.0.0.1
"FRA"

This post was flagged by the community and is temporarily hidden.

This post was hidden due to the MoreHelp tag being used ‘inappropriately,’ and should only be used on a post not receiving a response for 72 hours. The post above is 4 days old (96 hours), so I don’t see the problem. Or should the OP be the only one that uses the tag?

It’s supposed to be 72 hours after your own post. That way you don’t jump onto someone else’s thread with a Me Too! and MoreHelp tag it.

If it’s a problem the Community clearly can’t help with, I suggest you open a ticket and post the ticket # here. Tickets generally get auto-closed and referred to the Community, but if it really isn’t something we can help you fix, we can escalate it back to Support with that ticket #.

I’m not a paying customer, I just want to use 1.1.1.1. Can I open an official ticket to get this bug fixed?

Give it a try with an email to: support AT cloudflare DOT com and post the ticket # here.

Created #2254230, but it got closed immediately, because

we can only work with the account holder directly. We have automatically detected that you may not be the account owner of the domain(s) mentioned in this ticket.

I’ll wait a few days to see if the bug report here gets picked up by Cloudflare. If not and I don’t find another way to report bugs, I’ll have to switch to another upstream DNS provider, I guess.

It just seems that Cloudflare just doesn’t care. It seems like they only want to make 1.1.1.1 look pretty and advertise it to the world so that everyone relies more on Cloudflare or get more brand recognition. But they do not care about the product itself, as long as it works “for most users,” or the ping times are “better than the competition.” I stopped using Cloudflare’s Public DNS since last year due to the product clearly being a beta product with the DNSSEC issues, random domains not resolving and routing issues.

I mean yesterday again, random ping spikes on 1.1.1.1, while Google’s 8.8.8.8 and Quad9’s 9.9.9.9 was completely fine. I’d rather have a consistent experience than experience flaky results. Google’s Public DNS has never let me down and always resolved any domain name for 10 years now. Quad9 is relatively new to the game but offers solid blocking performance (better than Cloudflare’s 1.1.1.2 in my tests) and their support is superb. Any problem I have is quickly resolved and the development team is open to any suggestions. I am currently using Quad9 for any device that needs basic DNS security.

I think this is the last straw for me, Cloudflare does not care about the users of their DNS service. Tickets get closed with no response, bugs or non-resolving domains will stay unresolved for half a year or more. Fine, but then I’ll just stop using, recommending or reporting bugs for your service.
I wanted 1.1.1.1 to be a good product and reported many suggestions and bugs for both this service and WARP, but it just seems like they do not care.

Goodbye :v::v:



1.1.1.1



8.8.8.8



9.9.9.9