BOGUS domain which is not BOGUS?

Talkabout · April 30, 2019, 8:10am

Please follow the below template, it will help us to help you!

Expected Behaviour:

www.teleman.pl should not be listed as BOGUS domain when DNSSEC is activated in piHole

Actual Behaviour:

piHole shows "BOGUS" status for domain www.teleman.pl. Trying to "dig" the domain with either pdns-recursor or Google's upstream server does not indicate any DNSSEC problems. Here is the output:

resolution with piHole: dig www.teleman.pl @127.0.0.1 +dnssec +multi

; <<>> DiG 9.9.5-9+deb8u17-Raspbian <<>> www.teleman.pl @127.0.0.1 +dnssec +multi
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 22447
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;www.teleman.pl.                IN A

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 30 10:03:31 CEST 2019
;; MSG SIZE  rcvd: 43

resolution with pdns-recursor: dig www.teleman.pl @127.0.0.1 -p 5454 +dnssec +multi

; <<>> DiG 9.9.5-9+deb8u17-Raspbian <<>> www.teleman.pl @127.0.0.1 -p 5454 +dnssec +multi
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28181
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;www.teleman.pl.                IN A

;; ANSWER SECTION:
www.teleman.pl.         2161 IN A 195.201.153.25

;; Query time: 1 msec
;; SERVER: 127.0.0.1#5454(127.0.0.1)
;; WHEN: Tue Apr 30 10:04:21 CEST 2019
;; MSG SIZE  rcvd: 59

resolution with Google: dig www.teleman.pl @8.8.8.8 +dnssec +multi

; <<>> DiG 9.9.5-9+deb8u17-Raspbian <<>> www.teleman.pl @8.8.8.8 +dnssec +multi
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2653
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;www.teleman.pl.                IN A

;; ANSWER SECTION:
www.teleman.pl.         232 IN A 195.201.153.25

;; Query time: 25 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Apr 30 10:05:01 CEST 2019
;; MSG SIZE  rcvd: 59

So it seems to me that there is something going wrong on piHole side...

Debug Token:

https://tricorder.pi-hole.net/iqm2dts12r!

Thanks for help!

Bye