Formerr
Pete Ehlke
pde at rfc822.net
Sat Oct 15 13:19:56 UTC 2005
On Sat Oct 15, 2005 at 10:54:31 +0200, Andy Pieters wrote:
>Hi List
>I am seeing a lot of these style of errors in my logs
>
>Oct 13 11:21:02 giga named[29413]: FORMERR resolving 'ns1.anwoo.com/AAAA/IN':
>222.51.53.170#53
>
>Anything to worry about, and if not, can I make bind stop reporting them?
; <<>> DiG 9.3.1 <<>> ns1.anwoo.com aaaa @221.11.134.26
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11703
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0
;; QUESTION SECTION:
;ns1.anwoo.com. IN AAAA
;; ANSWER SECTION:
ns1.anwoo.com. 0 IN A 4.0.0.0
;; AUTHORITY SECTION:
wildcard.com. 600 IN NS 221.11.133.10.
wildcard.com. 600 IN NS 221.11.134.26.
wildcard.com. 600 IN NS 222.51.53.170.
wildcard.com. 600 IN NS 221.12.161.101.
;; Query time: 512 msec
;; SERVER: 221.11.134.26#53(221.11.134.26)
;; WHEN: Sat Oct 15 09:13:29 2005
;; MSG SIZE rcvd: 165
anwoo.com's name servers are severely broken, returning an A record when
asked for AAAA, returning extra, bogus Authority data, and so on.
Oddly, it looks like whatever query they are sent returns the same
four addresses as NS records, with different names. Looks like someone
thought they knew how to write a name server.
-P.
More information about the bind-users
mailing list