Responses in line below. Doug On 4/11/23 8:12 AM, Samuel Jackson wrote:
I wanted to run this by everyone to make sure I am not the one losing my mind over this.
A dig +trace cob.cms.hhs.gov <http://cob.cms.hhs.gov> fails for me as it looks like the NS for hhs.gov <http://hhs.gov> does not seem to resolve the hostname.
They shouldn't, since cms.hhs.gov is a delegated subzone. (Also, resolve is the wrong term, since those are authoritative servers, not resolvers.) The hhs.gov name servers are not authoritative for the cms.hhs.gov zone. Using `dig +trace cob.cms.hhs.gov` worked for me just now, so it's possible that they fixed something in response to Mark's message.
However dig +trace cms.hhs.gov <http://cms.hhs.gov> resolves and so does
That makes sense, delegated sub zone. :)
dig +trace eclkc.ohs.acf.hhs.gov <http://eclkc.ohs.acf.hhs.gov>
No delegated sub zones in the path here, so the hhs.gov name servers are authoritative for this host.
However if I simply ask my local resolver to resolve cob.cms.hhs.gov <http://cob.cms.hhs.gov>, it works. Any thoughts on why this is the case?
Because it's getting the answer from the child zone (cms) like it should. I'm sort of curious about what `dig +trace` results you received originally that made you believe that you weren't getting the right response. Are you currently seeing what you expect to see?