Thanks mark, but why this issue is related to load balancer?
------------------ Original Message ------------------
From: "Mark Andrews";
Date: 2021-01-06 19:09
To: "同屋"<39223...@qq.com>;
To:
"bind-users";
Subject: Re: "not subdomain of zone {XXXX} -- invalid response" errors found in
named.run log
Complain to the administrators of the zone. They have not properly delegated
it. We see this often with load balancers.
The zone a.b.example has been delegated but the answer is as if it is from
b.example.
-- Mark Andrews
On 6 Jan 2021, at 21:02, 同屋 <39223...@qq.com> wrote:
The version of bind is BIND 9.10.5-P3 id:7d5676f
One day, I found that the size of named.run is increasing very quickly. And a
lot of "invalid response" entries were spotted in the log. Details is as
follows (I replace the sensitive info with {xxxx},{AAA} etc.)
DNS format error from {IP}#53 resolving
{XXXX}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org/AAAA for client
169.254.4.50#51099: Name epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org (SOA) not
subdomain of zone node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org -- invalid response
The response related to the above log is as follows:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50664 ;; flags: qr
aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT
PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION:
;{XXXX}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. IN AAAA
;; AUTHORITY SECTION: ;epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 86400 IN SOA
.mnc{AAA}.mcc{BBB}.gprs. dns-admin. ( ;
2020122704 ; serial ; 10800 ;
refresh (3 hours) ; 3600 ;
retry (1 hour) ; 604800 ; expire
(1 week) ; 86400 ; minimum (1
day) ; )
============================================
Normally, the FQDN should be cached as a NXRRSET record as follows:
{XXXX}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 8412 -AAAA ;-$NXRRSET
But when the issue happens, it cannot be cached, I guess it's related to the
"invalid response" log.
From the error log, it mentions "zone
node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org", but I'm wondering where the zone
"node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org" comes from? I cannot found the
related SOA record in the dump file.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users