DNS log analysis , what might be the regions?
Shishir Saud
shishir at subisu.net.np
Mon Dec 5 05:31:31 UTC 2005
Basically, why must my DNS query not respond in time?
If this means, we have temporary dns name lookup failures, then i am
getting much of these on my logs.
Is there anyway, i can have these minimised/mitigated from my server ?
Regards
Shishir
william at elan.net wrote:
>Stephane Bortzmeyer wrote:
>
>
>>On Wed, Nov 30, 2005 at 08:53:26PM +0545,
>> Shishir Saud <shishir at subisu.net.np> wrote
>> a message of 22 lines which said:
>>
>>
>>
>>>what might be the regions for this ?
>>>
>>>
>>You mean the reasons?
>>
>>
>>
>>>unexpected RCODE (SERVFAIL) resolving
>>>'1.95.28.83.combined-HIB.dnsiplists.completewhois.com/A/IN':
>>>64.68.11.11#53
>>>
>>>
>
>There was an attack in the morning. Error code means none of the name
>servers responded in time.
>
>
>
>>Genuinely broken domain.
>>
>>% check_soa dnsiplists.completewhois.com
>>
>>
>
>Absense of SOA would not cause RCODE2
>
>
>
>>There was no response from dnsl2.completewhois.com
>>There was no response from dnsl1.completewhois.com
>>There is no name server running on dnsl3.completewhois.com
>>
>>
>
>rbldnsd does not seem to add soa for root of the actual loaded zones,
>but zones themselve have soa records, i.e.
>
>$dig soa 1.95.28.83.combined-HIB.dnsiplists.completewhois.com
>...
>combined-HIB.dnsiplists.completewhois.com. 3600 IN SOA
>comments.completewhois.c
>om. dnsl2.completewhois.com. 1133419520 7200 7200 604800 3600
>;; Received 121 bytes from 64.68.11.11#53(dnsl2.completewhois.com) in 0
>ms
>
>
>
>>>unexpected RCODE (SERVFAIL) resolving 'mistyuk2.biafuru.net/MX/IN':
>>>216.198.199.201#53
>>>
>>>
>>Genuinely broken domain.
>>
>>% check_soa biafuru.net
>>There was no response from ns4.webminders.com
>>There was no response from ns3.webminders.com
>>
>>
>
>
>
>
>
>
More information about the bind-users
mailing list