dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1018
share rss forum feed


DaSneaky1D
what's up
Premium,MVM
join:2001-03-29
The Lou
Reviews:
·Charter

Is Verisign blocking DNS Caching Server Resolution?

I couldn't think of a better place to ask this question...

I've found that my caching DNS server being run from my home Internet connection (BIND, all internal with no external access) cannot resolve domain names that are authoritative to *.verisigndns.com. Any returned addresses come from Level 3's server of 4.2.2.2. I can't come across any examples of others having this issue, so that leads me to think that it's my configuration issue, but I can't find where.

 <<>> DiG 9.8.1-P1 <<>> a2.verisigndns.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62521
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
 
;; QUESTION SECTION:
;a2.verisigndns.com.            IN      A
 
;; ANSWER SECTION:
a2.verisigndns.com.     2464    IN      A       209.112.114.33
 
;; Query time: 43 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Sun Nov  3 18:55:11 2013
;; MSG SIZE  rcvd: 52
 

and....

<<>> DiG 9.8.1-P1 <<>> a2.verisigndns.com +trace
;; global options: +cmd
.                       82524   IN      NS      d.root-servers.net.
.                       82524   IN      NS      i.root-servers.net.
.                       82524   IN      NS      c.root-servers.net.
.                       82524   IN      NS      b.root-servers.net.
.                       82524   IN      NS      k.root-servers.net.
.                       82524   IN      NS      a.root-servers.net.
.                       82524   IN      NS      j.root-servers.net.
.                       82524   IN      NS      f.root-servers.net.
.                       82524   IN      NS      m.root-servers.net.
.                       82524   IN      NS      g.root-servers.net.
.                       82524   IN      NS      l.root-servers.net.
.                       82524   IN      NS      h.root-servers.net.
.                       82524   IN      NS      e.root-servers.net.
;; Received 436 bytes from 192.168.2.3#53(192.168.2.3) in 9 ms
 
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
;; Received 496 bytes from 193.0.14.129#53(193.0.14.129) in 63 ms
 
verisigndns.com.        172800  IN      NS      a1.verisigndns.com.
verisigndns.com.        172800  IN      NS      a2.verisigndns.com.
verisigndns.com.        172800  IN      NS      a3.verisigndns.com.
verisigndns.com.        172800  IN      NS      u1.verisigndns.com.
verisigndns.com.        172800  IN      NS      u2.verisigndns.com.
verisigndns.com.        172800  IN      NS      u3.verisigndns.com.
;; Received 315 bytes from 192.55.83.30#53(192.55.83.30) in 30540 ms
 

Has anyone every run into something similar?


DaSneaky1D
what's up
Premium,MVM
join:2001-03-29
The Lou
To follow-up...

I still do not know what's causing this, but to "fix" I added burberry.com to my zone file with a forwarder to Opendns' servers.