DNSSEC/unbound -> boingboing.net failures
Matthew Miller
mattdm at fedoraproject.org
Tue Jun 30 15:07:51 UTC 2015
With the DNSSEC feature enabled as per the testing instructions, I'm
sometimes (but not always) getting failures for popular geek blog Boing
Boing, when public DNS still works:
$ host boingboing.net
Host boingboing.net not found: 2(SERVFAIL)
$ host boingboing.net 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:
boingboing.net is an alias for boingboing.net.global.prod.fastly.net.
boingboing.net.global.prod.fastly.net is an alias for
global-ssl.fastly.net.
global-ssl.fastly.net is an alias for fallback.global-ssl.fastly.net.
fallback.global-ssl.fastly.net has address 199.27.76.249
fallback.global-ssl.fastly.net has address 23.235.46.249
What's going on here? How can I diagnose it, and how can we fix it so
that users don't have to diagnose these situations?
I'm concerned that if it's happening with this site (which Alexa rates
as in the top 1000 websites in the US), it'll happen with a lot of
others.
--
Matthew Miller
<mattdm at fedoraproject.org>
Fedora Project Leader
More information about the devel
mailing list