Hi, I operate a caching naming server version 9.5.0-P1 for a small work group that includes an email server. From the server log file, there are occasional DNS error messages.
Upon closer examination using a packet sniffer, the email server sends out queries of type ANY for all sender/recipient domain names. There are just some domains which cause errors, for example, youbei.cc (which is not under our control.) I tried dig any youbei.cc and it returns the following error: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 64259 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 With heavy tracing turned on and rndc flush before executing the command, it gave the following log entries that I excerpted below: 24-Sep-2009 02:07:35.878 received packet: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28529 ;; flags: qr aa ; QUESTION: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 3 ;; QUESTION SECTION: ;youbei.cc. IN A ;; ANSWER SECTION: youbei.cc. 86400 IN SOA ns1.72dns.com. admin.youbei.cc. 100 3600 900 86400 3600 youbei.cc. 3600 IN NS ns1.72dns.com. youbei.cc. 3600 IN NS ns2.72dns.com. youbei.cc. 3600 IN MX 10 mail.youbei.cc. youbei.cc. 3600 IN A 211.155.230.241 ;; ADDITIONAL SECTION: ns1.72dns.com. 3600 IN A 121.12.173.174 ns2.72dns.com. 3600 IN A 211.155.230.241 mail.youbei.cc. 3600 IN A 58.61.157.116 24-Sep-2009 02:07:35.879 fctx d18160(youbei.cc/ANY'): cancelquery 24-Sep-2009 02:07:35.879 sockmgr dbea0: watcher got message -2 for socket -1 24-Sep-2009 02:07:35.880 dispatch 160dc88 response 160ce28 121.12.173.174#53: detaching from task ca310 24-Sep-2009 02:07:35.880 dispatch 160dc88: detach: refcount 0 24-Sep-2009 02:07:35.880 fctx d18160(youbei.cc/ANY'): add_bad 24-Sep-2009 02:07:35.881 dispatch 160dc88: got packet: requests 0, buffers 1, recvs 1 24-Sep-2009 02:07:35.881 FORMERR resolving 'youbei.cc/ANY/IN': 121.12.173.174#53 24-Sep-2009 02:07:35.881 fctx d18160(youbei.cc/ANY'): try 24-Sep-2009 02:07:35.882 fctx d18160(youbei.cc/ANY'): query It looks like that the authoritative name server for youbei.cc actually did return some answers, but somehow bind gave a FORMERR for some unknown reasons, which I think it caused a SERVFAIL to be reported in turn. Interestingly, dig any youbei.cc +trace ran successfully and did not report any error. Does anyone know what might have caused this problem? Best regards, Patrick _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
