status: SERVFAIL for AAAA

Kevin Darcy kcd at daimlerchrysler.com
Tue Jul 26 00:24:45 UTC 2005 

BIND 9.2.3 won't automatically return SERVFAIL for AAAA queries. It'll 
only do that if there is something genuinely wrong, e.g. zonefile 
missing/expired, etc..

I think what you're *really* asking is for BIND, acting as a resolver, 
to actually *modify* the SERVFAIL response it gets from broken old 
authoritative servers, into a NOERROR response. That's really a bad bad 
idea, changing valid responses on-the-fly. It's just a bandaid on an 
underlying problem, and would produce confusing and misleading results.

Either get the remote site to upgrade their nameserver software to 
something released in the past 5 years or so, or, failing that, 
implement sendmail's "WorkAroundBrokenAAAA" hack...

                                                                         
                                                   - Kevin

Karl Rink wrote:

>status: SERVFAIL for AAAA
> 
>is it possible to configure BIND 9.2.3 server to return opcode: QUERY, status: NOERROR instead of SERVFAIL
> 
>Problem:
>it appears that sendmail servers attempt to resolve hosts via AAAA first, and the return of a SERVFAIL causes the host to be 'unknown'.  
> 
>debian:~> dig mail.global.mxpath.net aaaa @ns4.mxpath.net
> 
>; <<>> DiG 9.2.4 <<>> mail.global.mxpath.net aaaa @ns4.mxpath.net
>;; global options:  printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 40019
>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
>;; QUESTION SECTION:
>;mail.global.mxpath.net.                IN      AAAA
> 
>;; Query time: 39 msec
>;; SERVER: 198.172.205.4#53(ns4.mxpath.net)
>;; WHEN: Mon Jul 25 16:20:39 2005
>;; MSG SIZE  rcvd: 40
> 
>debian:~>
> 
> 
> 
> 
>
>
>
> <http://www.singlefin.net/> 	  <http://www.singlefin.net/> Managed Protection Services	
>	
>
>Karl Rink
>	Singlefin
>2527 Manchester Avenue <http://maps.yahoo.com/maps_result?ed=x4OX0ep_0Tr7vyxX1xVwL4cndLNaNaQRZ4Y1UlYjyQ--&csz=Cardiff+by+the+Sea%2C+CA+92007&country=us> 
>Cardiff by the Sea, CA 92007
>USA	
>
>Email:	 krink at singlefin.net	
>Web:	 www.singlefin.net <http://www.singlefin.net/> 	
>MSN IM:	 krink at singlefin.net	
>AIM:	 krinkSF	
>Yahoo! IM:	 krinksinglefin	
>toll free:	 (866) 566-3346	 x305	
>office:	 (760) 230-2052	 x305	
>mobile:	 (619) 850-3430	 	
>fax: 	(619) 374-7227	 	
>	
> 
>
>
>
>
>
>  
>

More information about the bind-users mailing list