gpg 2.1.15, no keyservers found for submit/recv, "DNS query returned an error or no records: No such domain (nxdomain)"

Thu Oct 27 16:39:03 CEST 2016

On Thu, Oct 27, 2016, at 07:13 AM, Daniel Kahn Gillmor wrote:
> In particular, if your nameserver is 8.8.8.8 you should be able to do
> this with:
> 
>    tcpdump -s 0 -w dirmngr-dns.pcap host 8.8.8.8
> 
> And then run the test sequence.
> 

using external NS (8.8.8.8) rather than my LAN's NS

	2 packets captured
	2 packets received by filter
	0 packets dropped by kernel

same as before

export, now

	No.     Time           Source                Destination           Protocol Length Info
	      1 0.000000       10.19.2.7             8.8.8.8               DNS      98     Standard query 0x311f SRV _hkp._tcp.hkps.pool.sks-keyservers.net

	Frame 1: 98 bytes on wire (784 bits), 98 bytes captured (784 bits)
	Ethernet II, Src: AsustekC_19:c3:26 (00:26:18:19:c3:26), Dst: Trendnet_c4:11:d9 (d8:eb:97:c4:11:d9)
	Internet Protocol Version 4, Src: 10.19.2.7, Dst: 8.8.8.8
	User Datagram Protocol, Src Port: 56463, Dst Port: 53
	Domain Name System (query)

	No.     Time           Source                Destination           Protocol Length Info
	      2 0.124320       8.8.8.8               10.19.2.7             DNS      148    Standard query response 0x311f No such name SRV _hkp._tcp.hkps.pool.sks-keyservers.net SOA ns2.kfwebs.net

	Frame 2: 148 bytes on wire (1184 bits), 148 bytes captured (1184 bits)
	Ethernet II, Src: Trendnet_c4:11:d9 (d8:eb:97:c4:11:d9), Dst: AsustekC_19:c3:26 (00:26:18:19:c3:26)
	Internet Protocol Version 4, Src: 8.8.8.8, Dst: 10.19.2.7
	User Datagram Protocol, Src Port: 53, Dst Port: 56463
	Domain Name System (response)

export, before

> ----------------------------------------
> No.     Time           Source                Destination           Protocol Length Info
>       1 0.000000       10.19.2.7           10.19.2.100         DNS      98     Standard query 0x311f SRV _hkp._tcp.hkps.pool.sks-keyservers.net
>
> Frame 1: 98 bytes on wire (784 bits), 98 bytes captured (784 bits)
> Ethernet II, Src: AsustekC_19:c3:26 (00:26:18:19:c3:26), Dst: Trendnet_c4:11:d9 (d8:eb:97:c4:11:d9)
> Internet Protocol Version 4, Src: 10.19.2.7, Dst: 10.19.2.100
> User Datagram Protocol, Src Port: 51597, Dst Port: 53
> Domain Name System (query)
>
> No.     Time           Source                Destination           Protocol Length Info
>       2 0.544341       10.19.2.100         10.19.2.7           DNS      148    Standard query response 0x311f No such name SRV _hkp._tcp.hkps.pool.sks-keyservers.net SOA ns2.kfwebs.net
>
> Frame 2: 148 bytes on wire (1184 bits), 148 bytes captured (1184 bits)
> Ethernet II, Src: Trendnet_c4:11:d9 (d8:eb:97:c4:11:d9), Dst: AsustekC_19:c3:26 (00:26:18:19:c3:26)
> Internet Protocol Version 4, Src: 10.19.2.100, Dst: 10.19.2.7
> User Datagram Protocol, Src Port: 53, Dst Port: 51597
> Domain Name System (response)
> ----------------------------------------

Also checked this from several machines on the LAN here.  Same result.

gpg 2.1.15, *no* keyservers found for submit/recv, "DNS query returned an error or no records: No such domain (nxdomain)"

gpg 2.1.15, no keyservers found for submit/recv, "DNS query returned an error or no records: No such domain (nxdomain)"