Understanding 'format error" Messages
Michael Sinatra
michael at rancid.berkeley.edu
Thu Apr 15 21:17:10 UTC 2010
b19141 at anl.gov wrote:
> I am trying to understand "format error" messages like this one from
> BIND 9.7.0-P1:
>
> Apr 15 15:36:02 dnsserver.it.anl.gov named[8662]:
> [ID 873579 daemon.notice] DNS format error
> from 209.234.234.42#53 resolving markets.nytimes.wallst.com/AAAA
> for client 164.54.214.14#13132: invalid response
I haven't looked at the code too closely (maybe someone from ISC can
chime in), but I am also interested in understanding the range of
possible errors that this message indicates.
In this particular case, the authoritative nameserver is giving out an
obviously bogus NS record for wallst.com:
manasquan# dig wallst.com @209.234.224.42 any
; <<>> DiG 9.7.0-P1 <<>> wallst.com @209.234.224.42 any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17612
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;wallst.com. IN ANY
;; ANSWER SECTION:
wallst.com. 500 IN SOA
lb-www-p1-bb2-01.mgmt.local. hostmaster.lb-www-p1-bb2-01.mgmt.local. 390
10800 3600 604800 60
wallst.com. 500 IN NS lb-www-p1-bb2-01.mgmt.local.
Not sure if that's causing the format error, but it is obviously broken
(and all too common still).
michael
More information about the bind-users
mailing list