refused query on non-query socket from...
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Wed Mar 6 00:33:24 UTC 2002
>
>
> I saw someone post mid-january about getting the "refused query on
> non-query socket from..." when running the 8.3.0 version. Someone
> responded with the fact that a query was coming in on a port listening
> for the response to a recursive query. Fair enough... Except that I
> know this is not what is happening.
>
> We are having the same problem (with 8.3.0 and 8.3.1 both); except
> that these are RESPONSE packets that for some reason 8.3.x is munging
> into request packets--or so it would appear. The IP addresses that
> are listed in these sysloged errors are the DNS servers for names
> we are trying to resolve.
>
> Thoughts?
There are BROKEN nameservers that fail to set "QR" when they
respond to a EDNS query. When BIND 8.3 sees a reply like the
following it will generate a "refused query on non-query socket"
message.
Mark
% /usr/local/bin/dig +bufsize=512 www.janus.com @uunet-gd.janus.com.
; <<>> DiG 9.2.1rc1 <<>> +bufsize=512 www.janus.com @uunet-gd.janus.com.
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 6718
;; flags: rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; Query time: 248 msec
;; SERVER: 64.57.180.195#53(uunet-gd.janus.com.)
;; WHEN: Wed Mar 6 11:25:46 2002
;; MSG SIZE rcvd: 12
%
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list