BIND Lameness

Keith Burgoyne keith at silverorange.com
Tue Apr 3 02:37:23 UTC 2012 

Hi all,

I have what, I hope, will be a rather quick question regarding 'lame 
server resolving' errors.

I've recently replaced the master server at 24.222.7.11, and am now 
running bind 9.7.3.

My question is: I keep seeing log entries like

Apr  2 23:24:17 clementine named[5870]: lame server resolving 
'comuna.silverorange.com' (in 'silverorange.com'?): 24.222.7.12#53
Apr  2 23:24:01 clementine named[5870]: lame server resolving 
'veseys.com' (in 'veseys.com'?): 24.222.7.12#53

and the list goes on. I don't get a lot, probably a few a minute. But 
where do they come from? It's my understanding that they originate from 
a name server that's not configured to be authoritative for a domain, 
yet listed as such. Both of the domains above have 24.222.7.11 as the 
authoritative name server and, as far as I know, the bind install is 
configured as such.

Each time I dig, say, veseys.com, I get an authoritative answer from 
that server:

dig @ns1.silverorange.com veseys.com

; <<>> DiG 9.3.3 <<>> @ns1.silverorange.com veseys.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61939
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;veseys.com.                    IN      A

;; ANSWER SECTION:
veseys.com.             600     IN      A       24.222.7.65

;; AUTHORITY SECTION:
veseys.com.             600     IN      NS      ns3.silverorange.com.
veseys.com.             600     IN      NS      ns1.silverorange.com.
veseys.com.             600     IN      NS      ns2.silverorange.com.

;; ADDITIONAL SECTION:
ns1.silverorange.com.   1800    IN      A       24.222.7.12
ns2.silverorange.com.   1800    IN      A       24.222.7.2
ns3.silverorange.com.   1800    IN      A       208.43.127.190

;; Query time: 15 msec
;; SERVER: 24.222.7.12#53(24.222.7.12)
;; WHEN: Mon Apr  2 23:30:27 2012
;; MSG SIZE  rcvd: 159


So it's clearly showing up as the authoritative server. Hence, I can't 
figure out why those log entries are showing up. I've disabled ipv6 for 
now, using the "-4" option. I heard that can help.

Any pointers would be massively appreciated!

Thanks,

Keith

More information about the bind-users mailing list