formerr for some queries until named restarted
Jason Grant
expires07 at logular.com
Mon Aug 6 05:00:26 UTC 2007
I have an ADSL modem that can operate as a nameserver, albeit without a
caching capability.
To introduce some caching on my home network, I've set up bind9.4 on
fedora7 as shown below. It forwards to the modem when it does not have
an answer in its cache, and it is running in IPV4 mode with the -4
switch.
With this setup, I regularly have a problem with named returning
SERVFAIL, and logging FORMERRs for particular queries (sample below).
After named returns an error it continues to do so for the same query
until it is restarted. If I query the modem directly, it resolves the
name without a problem. After restarting named, the query works fine.
Another possible clue: this fault seems to occur repeatedly only for a
handful of queries. In recent days, I've encountered this problem
repeatedly for the following names, whereas others work fine:
FORMERR resolving 'addons.glb.mozilla.com/A/IN': 192.168.1.1#53
FORMERR resolving 'download.eclipse.org/A/IN': 192.168.1.1#53
FORMERR resolving 'ftp.nai.com/A/IN': 192.168.1.1#53
FORMERR resolving 'madheifer.pacific.net.au/A/IN': 192.168.1.1#53
FORMERR resolving 'mail.internode.on.net/A/IN': 192.168.1.1#53
FORMERR resolving 'subclipse.tigris.org/A/IN': 192.168.1.1#53
FORMERR resolving 'update.nai.com/A/IN': 192.168.1.1#53
Possible causes or troubleshooting tips appreciated.
Thanks,
Jason.
# -------------------------------------------------
# My named.conf
# -------------------------------------------------
// Define an access list for our internal network
acl internal { 192.168.1.0/24; 127.0.0.1; };
options {
directory "/var/named";
// Forwarding occurs only on those queries for which the server
// is not authoritative and does not have an answer in its cache
forward only;
// adsl modem (running in router mode with DNS)
forwarders {
192.168.1.1;
};
# listen on localhost and internal interface only
listen-on port 53 { 127.0.0.1; 192.168.1.254; };
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
query-source port 53;
allow-query { internal; };
};
# -------------------------------------------------
# Oops, named cannot resolve my ISP's mail server
# -------------------------------------------------
[jas at talby ~]$ dig mail.internode.on.net
; <<>> DiG 9.4.1 <<>> mail.internode.on.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 60323
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mail.internode.on.net. IN A
;; Query time: 18 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Mon Aug 6 14:29:12 2007
;; MSG SIZE rcvd: 39
# -------------------------------------------------
# It logged a FORMERR during the query above
# -------------------------------------------------
Aug 6 14:28:22 talby named[5074]: FORMERR resolving
'mail.internode.on.net/A/IN': 192.168.1.1#53
# -------------------------------------------------
# After restarting named, the query works fine
# -------------------------------------------------
[jas at talby ~]$ dig mail.internode.on.net
; <<>> DiG 9.4.1 <<>> mail.internode.on.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61635
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;mail.internode.on.net. IN A
;; ANSWER SECTION:
mail.internode.on.net. 41 IN A 203.16.214.182
;; AUTHORITY SECTION:
internode.on.net. 1086 IN NS ns3.on.net.
internode.on.net. 1086 IN NS ns2.on.net.
internode.on.net. 1086 IN NS ns4.on.net.
internode.on.net. 1086 IN NS ns1.on.net.
;; ADDITIONAL SECTION:
ns1.on.net. 40942 IN A 216.200.145.64
ns2.on.net. 40911 IN A 192.231.203.2
ns3.on.net. 40942 IN A 192.83.231.19
ns4.on.net. 43812 IN A 192.231.203.3
;; Query time: 68 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Mon Aug 6 14:30:50 2007
;; MSG SIZE rcvd: 191
More information about the bind-users
mailing list