Hi,
I recently enabled DNSSEC validation on our DNS server internally and just as I enabled it I can't resolve any Cloud IP addresses anymore and it is Only this domain I have problem with.
When I do a nslookup for xxxxxxxxx.sn.mynetname.net I just get a Server failed
as a response. When I disable DNSSEC validation it works fine.
If I check the DNS Servers for mynetname.net I get that the PTR records are kind of misconfigured, they are not accessible over TCP on port 53 and ns1.kissthenet.net and ns2.kissthenet.net doesn't seem to be entirely synced as they have different SOA serials.
You can check it out here: https://zonemaster.iis.se/?resultid=3423360351d8ad66
There are no records for DNSSEC for this domain so I'm not really sure why it fails when enabling it, unless the queries goes over TCP when validation is enabled.
Can anyone confirm that they can lookup IP Cloud addresses when then have DNSSEC verification enabled on a Windows Server DNS?
There has been hundreds of lookups to other domains without any problem so something is not right here.