Hacker News new | ask | show | jobs
by dark-star 41 days ago
How come I have zero problems with any .de domain I tried accessing in the last half hour?
2 comments
AndroTux 41 days ago
maybe your upstream doesn't validate DNSSEC?
link
dark-star 41 days ago
maybe? I'm using PiHole and 8.8.8.8/1.1.1.1 as upstream, and both options show "DNSSEC" next to their options in settings, so I assumed DNSSEC was enabled (unless I have to enable this somewhere else as well?)
link
warpspin 41 days ago
That's weird cause 8.8.8.8/1.1.1.1 will already answer with SERVFAIL right now, unless the domain is still in the cache.
link
pw6hv 41 days ago
cache
link
dark-star 40 days ago
unlikely, as I have also successfully tried domains that I never visited before (at least not in the last 12 months) and according to my PiHole log they were successfully retrieved from 1.1.1.1. and/or 8.8.8.8, which should use DNSSEC
link