29 Srp
2022
29 Srp
'22
19:48
On 8/29/22 02:02, Vladimír Čunát wrote:
Hello.
On 29/08/2022 02.07, Mike Wright wrote:
Thank you, Vladimir.
Running knot-3.1.6, knot-resolver-5.4.4-1 on Ubuntu Jammy
kdig @cache www.cdc.gov.
www.cdc.gov. 300 IN CNAME www.akam.cdc.gov.
www.akam.cdc.gov. 20 IN A 23.74.139.138
I am a user, not a developer, of knot-resolver,
on ubuntu groovy.
When I look up something that has a CNAME and ask for an A record I
get a SERVFAIL. If I ask for the CNAME I get the correct answer but
then I have to do another search for the A record for that.
First of all, I suspect that you're using an old version of Knot
Resolver. That begins with Groovy being unsupported by Ubuntu for more
than a year already. Generally we support just the latest version of
Knot Resolver, though of course some issues found in an old version may
behave the same way in the latest version.
I'm not getting any issue with www.cdc.gov here. I'm a bit apprehensive
about cdc.gov, as historically their DNS were often broken, but I
haven't found any real issues with it now [1]. Still, CNAMEs are used
very commonly, so if they get broken often in your case, that's
certainly suspicious. But I'd recommend starting with upgrading (the OS
and) Knot Resolver.
[1] https://dnsviz.net/d/www.cdc.gov/Ywx_Rw/dnssec/
--Vladimir