Hi all.
Sometimes I can't resolve some addresses and, in the logs, I can find the
message in the title:
lame-servers: error (FORMERR) resolving [something]
(where `something` is the address I'm trying to resolve).
What does it means?
And how can I resolve this problem?
Thank you!
Thank you.
So it's not my responsibility to resolve the problem, right?
The point is that, sometimes, I can't resolve an address because of this
lame servers, and dig (for example) fails.
Is it possible?
2013/1/8 Shane Kerr
> Daniele,
>
> On Tuesday, 2013-01-08 09:49:
If I use BIND9 forwarding all the queries not belonging to my local zones,
it works.
But if I don't forward those queries, `dig` sometimes (and this is weird)
fails (with "connection timed out; no servers could be reached") and the
logs are full of "lame server", "FORMERR".
Why?
_
ing name servers identified for each
>>> domain on the way.
>>>
>>> In this case, one of those name servers returned a packet that BIND 9
>>> did not like for some reason - a FORMat ERRor. The offending server is
>>> marked as "lame" since it
the presence of “dnssec-validaton“ line?
2013/1/8 Kevin Darcy
>
> On 1/8/2013 9:35 AM, Daniele wrote:
>
>> If I use BIND9 forwarding all the queries not belonging to my local
>> zones, it works.
>>
>> But if I don't forward those queries, `dig` sometimes
2013/1/9 Phil Mayers
> On 09/01/13 13:53, Daniele wrote:
>
>> This is the scenario.
>>
>> I installed BIND9 via `apt-get` on a newly installed UBUNTU 12.04,
>> virtualized on VirtualBox.
>> The network works properly because if I indicate a different server
Port 53 is open, I can also telnet it from another box in the same network.
Now I think the problem can be on the packets size, because I'm trying
every solution but nothing works.
2013/1/9 Lyle Giese
> On 01/09/13 08:39, Daniele wrote:
>
> 2013/1/9 Phil Mayers
>
>
2013/1/12 Lyle Giese
> On 01/11/13 03:05, Daniele wrote:
>
> Port 53 is open, I can also telnet it from another box in the same network.
> Now I think the problem can be on the packets size, because I'm trying
> every solution but nothing works.
>
>
> 2013/1/9 Lyle G
I'm going crazy.
This is my named.conf
logging {
channel default_logfile {
file "/var/cache/bind/logs/default.log";
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
c
ZE rcvd: 21
Output for `dig +nodnssec +noedns NS .` is the same as the previous, as for
`dig +nodnssec NS .`
The return packets have size of 743 bytes and they all contains infos about
NS for root zone.
2013/1/17 Warren Kumari
>
> On Jan 17, 2013, at 9:04 AM, Daniel
For example, also a `dig a.root-servers.net` fails with SERVFAIL, but in
Wireshark I can see the packet with the correct response that arrives at my
network interface.
2013/1/17 Daniele
> Output for `dig NS .`
> ; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 NS .
> ; (1
These are the outputs. I also attach the file containing them.
; <<>> DiG 9.8.1-P1 <<>> ns . +norec +noedns @198.41.0.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25625
;; flags: qr ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14
;; QUESTION
cache-server on the path? And why 'named'
doesn't "understand" the responses from these cache-servers?
2013/1/18 Mark Andrews
>
> In message <
> cal_2sc1szstumpmfceuqrf87nqwe+5n30qvguds7q-4g6va...@mail.gmail.com>,
> Daniele writes:
> > These are t
I'd like to install on Ubuntu 12.04 a DNS server using BIND9.
As a first step, I'd just like to configure it as a forwarder for my box
only.
This is what I do:
1. I deactivate `dnsmasq` editing
`/etc/NetworkManager/NetworkManager.conf` by commenting the `dns=dnsmasq`
line.
Before, the `/etc/resol
There are no rules in iptables, and they accept everything by default.
2012/11/25 Phil Mayers
> On 11/25/2012 04:12 PM, Daniele Imbrogino wrote:
>
>> Using Wireshark I can see that there are queries from my IP to a
>> root-server and replies in the reverse way, but the
Using BIND 9.8.1 on Ubuntu 12.04, I try to save the server cache using the
command "sudo rndc dumpdb -cache" (without quotes, obviously), but then I
can't find the file "/etc/bind/named_dump.db" being "/etc/bind/" the
working directory of the server.
Why?
__
cache/bind as default working directory, all the files are in
/etc/bind by default.
2012/12/3 Chris Buxton
> On Dec 3, 2012, at 7:41 AM, Daniele Imbrogino wrote:
>
> > Using BIND 9.8.1 on Ubuntu 12.04, I try to save the server cache using
> the command "sudo rndc dumpd
resolv.conf contains only 127.0.0.1 as nameserver.
The syslog contains a lot of errors as "insecurity proof failed", "no valid
RRSIG", "got insecure response" that I don't understand.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
Finally I solved it!
The problem was in the write permission of /etc, while in /var/cache/bind
it works perfectly!
Thank you for the assistance!
2012/12/5 Matus UHLAR - fantomas
> On 03.12.12 21:32, Daniele Imbrogino wrote:
>
>> I edited the working directory to /etc/bind because
No, I don't.
Just for this reason I can't have a cache dump.
Now, in /var, it works!
2012/12/6 Matus UHLAR - fantomas
>
>
> I hope you did not allow BIND writing to /etc...
> (/etc should be writable by admins, not daemons, that's why we use /var)
>
>
"127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
I've also updated "db.root" from ftp.internic.net/domain/db.cache
2012/12/5 Sten Carlsen
>
> On 05/12/12 18:29, Hauke Lampe wrote:
>
> On 05.12.2012 14:59, Daniele I
21 matches
Mail list logo
