v4 DNS queries to root-servers refused

Queries from my Macbook to the root-servers using IPv4 are being

% dig -4 . soa

; <<>> DiG 9.4.3-P3 <<>> -4 . soa
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 12759
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

It's working ok via IPv6:

% dig -6 . soa

; <<>> DiG 9.4.3-P3 <<>> -6 . soa
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55962
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13

It's causing problems for my local caching server.

I'm currently at the ietf-a.1x and my current IP addresses are:

% ifconfig en1
        inet6 fe80::21e:52ff:fe88:95f%en1 prefixlen 64 scopeid 0x6 
        inet6 2001:df8::96:21e:52ff:fe88:95f prefixlen 64 autoconf 
        inet netmask 0xfffff800 broadcast
        ether 00:1e:52:88:09:5f 
        media: autoselect status: active
        supported media: autoselect


One of our upstreams (CERNET) maintains a root cache for internal use, and we were accidentally redirected to use that cache. Unfortunately, we weren't added to the list of netblocks authorized to use the cache. Hence, for IPv4, we got redirected to a server that refused to answer us.

We've fixed things so queries now go out as expected. Could you test and verify that it's working now for you? All my tests come up clean.

Hugo has confirmed that it's now working. Closing.

