NOTE
If your issue is for security or deals with sensitive info please mark it as private using the checkbox below.
I've been using systemd-resolved with DNSSEC enabled, and I am not able to access pagure.io today with the following in the logs:
Oct 04 10:57:46 fanys-laptop systemd-resolved[6383]: [🡕] DNSSEC validation failed for question pagure.io IN DS: signature-expired Oct 04 10:57:46 fanys-laptop systemd-resolved[6383]: [🡕] DNSSEC validation failed for question pagure.io IN SOA: signature-expired Oct 04 10:57:46 fanys-laptop systemd-resolved[6383]: [🡕] DNSSEC validation failed for question pagure.io IN A: signature-expired Oct 04 10:57:46 fanys-laptop systemd-resolved[6383]: [🡕] DNSSEC validation failed for question pagure.io IN AAAA: signature-expired Oct 04 10:57:51 fanys-laptop systemd-resolved[6383]: [🡕] DNSSEC validation failed for question io IN DS: signature-expired Oct 04 10:57:51 fanys-laptop systemd-resolved[6383]: [🡕] DNSSEC validation failed for question io IN DNSKEY: signature-expired Oct 04 10:57:51 fanys-laptop systemd-resolved[6383]: [🡕] DNSSEC validation failed for question io IN SOA: signature-expired
If by any chance you are using CloudFlare DNS, then: https://www.cloudflarestatus.com/incidents/j3h00yhjyw6p
edit: more details here https://community.cloudflare.com/t/mel1-1-1-1-pop-not-resolving-domains-dnssec-failures-on-root-com-tv-etc-zones/565054
Are you still experiencing the issue?
pagure.io has never had dnssec enabled on it that I know of.
whois pagure.io | grep ^DNSS DNSSEC: unsigned
There's no DS records, nor do we sign the domain. ;)
So yeah, might be the above cloudflare thing?
Metadata Update from @phsmoura: - Issue priority set to: Waiting on Reporter (was: Needs Review) - Issue tagged with: low-gain, low-trouble, ops
If by any chance you are using CloudFlare DNS, then: https://www.cloudflarestatus.com/incidents/j3h00yhjyw6p edit: more details here https://community.cloudflare.com/t/mel1-1-1-1-pop-not-resolving-domains-dnssec-failures-on-root-com-tv-etc-zones/565054
Yeah, that was probably it. I wasn't in my usual location and the network I was using had CloudFlare DNS on the router. I can't verify it is fixed, but I'd assume so (and I'll be able to verify in about 3 weeks).
Thanks and sorry for bothering!
Metadata Update from @frantisekz: - Issue close_status updated to: Invalid - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.