Discussion:
[Unbound-users] fail to resolv trello.com
A. Schulze
2014-11-06 06:59:00 UTC
Permalink
hello,

the domain trello.com could not be resolved ( "dig trello.com A" fail )
when I ask the authoritative nameservers directly I get answers with
decreasing TTL values.
Also the authority section list a nameserver twice, but that shouldn't
be the reason.

I could resolv www.trello.com which is a CNAME. (but that doesn't help
my customer because the webserver www.trello.com redirect via http to
trello.com :-/

Andreas
Ray Bellis
2014-11-06 08:21:37 UTC
Permalink
hello,

the domain trello.com<http://trello.com> could not be resolved ( "dig trello.com<http://trello.com> A" fail )

It’s working for me, via a 1.4.16 installation.

when I ask the authoritative nameservers directly I get answers with decreasing TTL values.

But that’s somewhat, umm, special


Curiously their servers (operated by incapsula.com<http://incapsula.com>) also appear to strip the RD bit from replies, contrary to RFC 1035.

kind regards,

Ray
Leen Besselink
2014-11-06 08:56:06 UTC
Permalink
Post by A. Schulze
hello,
the domain trello.com<http://trello.com> could not be resolved ( "dig trello.com<http://trello.com> A" fail )
It’s working for me, via a 1.4.16 installation.
when I ask the authoritative nameservers directly I get answers with decreasing TTL values.
They are a webacceleration service and CDN. A webacceleration service is a sort of caching proxy for HTML-pages.

Maybe their DNS-service is also a proxy and they want fast/predictable changes, so they take the original ttl from the real server and decrease it.
Post by A. Schulze
But that’s somewhat, umm, special…
Curiously their servers (operated by incapsula.com<http://incapsula.com>) also appear to strip the RD bit from replies, contrary to RFC 1035.
kind regards,
Ray
A. Schulze
2014-11-06 12:26:35 UTC
Permalink
Post by A. Schulze
It’s working for me, via a 1.4.16 installation.
I assume you haven't "use-caps-for-id: yes" enabled?

Andreas
Ray Bellis
2014-11-06 12:32:35 UTC
Permalink
Post by A. Schulze
I assume you haven't "use-caps-for-id: yes" enabled?
I can’t tell - I’m not operating or running that local resolver myself, it’s just one on our LAN.

Ray
Rygl Aleš
2014-11-06 18:38:11 UTC
Permalink
Post by A. Schulze
Post by A. Schulze
It’s working for me, via a 1.4.16 installation.
I assume you haven't "use-caps-for-id: yes" enabled?
Andreas
I can confirm that trello.com has a problem with 0x20. We use a quick & dirty
woraround - forward zones sending the requests to google...

~# cat /etc/unbound/unbound.conf.d/forward_zones

forward-zone:
name: trello.com.
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4

You have to include the file above to the main inbound config.

Ales

Loading...