Open MartenBE opened 5 years ago
To be clear: the feature for the federation tester would be "detect when the DNS system returns an error, and don't ignore it", as opposed to anything specific to A records where we expect a SRV record:
rav@fred:~$ dig @8.8.8.8 -t SRV _matrix._tcp.martenbe.duckdns.org
; <<>> DiG 9.11.3-1ubuntu1.8-Ubuntu <<>> @8.8.8.8 -t SRV _matrix._tcp.martenbe.duckdns.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 61560
^^^^^^^^ this
[of course the problem is that, depending on which recursive resolver the federation tester uses, some will return a SERVFAIL, whereas others will just ignore the spurious result from duckdns]
I've had trouble setting up federation using duckdns.org, but the federation tester did not show any errors. After investigation by @richvdh in https://github.com/matrix-org/synapse/issues/5882, we discoverd it was caused by the wildcard functionality of duckdns. This intrudes a *.example.com wildcard A record which causes errors in Synapse as it expects nothing or an SRV record. It would be handy if the federation tester could detect this in case others try to use (dynamic) DNS services with wildcards.