Message parser reports malformed message packet
Mark Andrews
marka at isc.org
Mon Nov 4 21:09:05 UTC 2013
Their nameservers are broken. They are generating malformed
responses. They are sending partial records when the answer does
not fit. Note this ends halfway through a A record. Only the owner
name, class, type and the first two octets of the ttl are present
from the last RR.
Any records / rrsets added to a DNS QUERY response should be
*complete*.
I have CC'd postmaster at locaweb.com.br but you may want to try other
channels to inform them that they have broken nameservers.
Mark
0x0000: 4500 021c 0000 4000 2c11 db95 c94c 2802 E..... at .,....L(.
0x0010: c0a8 bf44 0035 ddf6 0208 7e6c 5f9a 8600 ...D.5....~l_...
0x0020: 0001 0001 000d 000d 0377 7777 0773 6f6e .........www.son
0x0030: 6461 6974 0674 6173 6b65 7203 636f 6d02 dait.tasker.com.
0x0040: 6272 0000 0100 01c0 0c00 0500 0100 000e br..............
0x0050: 1000 2e10 7472 6961 6c2d 3139 3130 3037 ....trial-191007
0x0060: 3037 3639 0973 612d 6561 7374 2d31 0365 0769.sa-east-1.e
0x0070: 6c62 0961 6d61 7a6f 6e61 7773 0363 6f6d lb.amazonaws.com
0x0080: 0000 0002 0001 0007 e900 0014 0161 0c72 .............a.r
0x0090: 6f6f 742d 7365 7276 6572 7303 6e65 7400 oot-servers.net.
0x00a0: 0000 0200 0100 07e9 0000 0401 62c0 7200 ............b.r.
0x00b0: 0002 0001 0007 e900 0004 0163 c072 0000 ...........c.r..
0x00c0: 0200 0100 07e9 0000 0401 64c0 7200 0002 ..........d.r...
0x00d0: 0001 0007 e900 0004 0165 c072 0000 0200 .........e.r....
0x00e0: 0100 07e9 0000 0401 66c0 7200 0002 0001 ........f.r.....
0x00f0: 0007 e900 0004 0167 c072 0000 0200 0100 .......g.r......
0x0100: 07e9 0000 0401 68c0 7200 0002 0001 0007 ......h.r.......
0x0110: e900 0004 0169 c072 0000 0200 0100 07e9 .....i.r........
0x0120: 0000 0401 6ac0 7200 0002 0001 0007 e900 ....j.r.........
0x0130: 0004 016b c072 0000 0200 0100 07e9 0000 ...k.r..........
0x0140: 0401 6cc0 7200 0002 0001 0007 e900 0004 ..l.r...........
0x0150: 016d c072 c070 0001 0001 0036 ee80 0004 .m.r.p.....6....
0x0160: c629 0004 c08f 0001 0001 0036 ee80 0004 .).........6....
0x0170: c0e4 4fc9 c09e 0001 0001 0036 ee80 0004 ..O........6....
0x0180: c021 040c c0ad 0001 0001 0036 ee80 0004 .!.........6....
0x0190: 8008 0a5a c0bc 0001 0001 0036 ee80 0004 ...Z.......6....
0x01a0: c0cb e60a c0cb 0001 0001 0036 ee80 0004 ...........6....
0x01b0: c005 05f1 c0da 0001 0001 0036 ee80 0004 ...........6....
0x01c0: c070 2404 c0e9 0001 0001 0036 ee80 0004 .p$........6....
0x01d0: 803f 0235 c0f8 0001 0001 0036 ee80 0004 .?.5.......6....
0x01e0: c024 9411 c107 0001 0001 0036 ee80 0004 .$.........6....
0x01f0: c03a 801e c116 0001 0001 0036 ee80 0004 .:.........6....
0x0200: c100 0e81 c125 0001 0001 0036 ee80 0004 .....%.....6....
0x0210: c620 400c c134 0001 0001 0036 .. at ..4.....6
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.10.0a1 <<>> www.sondait.tasker.com.br @201.76.40.2 +nodnssec +noedns +ignore +besteffort +all +norec
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58468
;; flags: qr aa tc; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13
;; WARNING: Message has 6 extra bytes at end
;; QUESTION SECTION:
;www.sondait.tasker.com.br. IN A
;; ANSWER SECTION:
www.sondait.tasker.com.br. 3600 IN CNAME trial-1910070769.sa-east-1.elb.amazonaws.com.
;; AUTHORITY SECTION:
. 518400 IN NS a.root-servers.net.
. 518400 IN NS b.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS d.root-servers.net.
. 518400 IN NS e.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS g.root-servers.net.
. 518400 IN NS h.root-servers.net.
. 518400 IN NS i.root-servers.net.
. 518400 IN NS j.root-servers.net.
. 518400 IN NS k.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS m.root-servers.net.
;; ADDITIONAL SECTION:
a.root-servers.net. 3600000 IN A 198.41.0.4
b.root-servers.net. 3600000 IN A 192.228.79.201
c.root-servers.net. 3600000 IN A 192.33.4.12
d.root-servers.net. 3600000 IN A 128.8.10.90
e.root-servers.net. 3600000 IN A 192.203.230.10
f.root-servers.net. 3600000 IN A 192.5.5.241
g.root-servers.net. 3600000 IN A 192.112.36.4
h.root-servers.net. 3600000 IN A 128.63.2.53
i.root-servers.net. 3600000 IN A 192.36.148.17
j.root-servers.net. 3600000 IN A 192.58.128.30
k.root-servers.net. 3600000 IN A 193.0.14.129
l.root-servers.net. 3600000 IN A 198.32.64.12
;; Query time: 368 msec
;; SERVER: 201.76.40.2#53(201.76.40.2)
;; WHEN: Tue Nov 05 07:56:01 EST 2013
;; MSG SIZE rcvd: 512
In message <BLU172-W48A5D01599155E80E09D8AD3F60 at phx.gbl>, =?iso-8859-1?B?RuFiaW
8gR29tZXM=?= writes:
> Hi,
>
> I'm having issues trying to resolve www.sondait.tasker.com.br. The
> result from dig +trace is as follows:
>
>
>
> # dig www.sondait.tasker.com.br +trace
>
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>>
> www.sondait.tasker.com.br +trace
> ;; global options: +cmd
> . 516836 IN NS c.root-servers.net.
> . 516836 IN NS a.root-servers.net.
> . 516836 IN NS f.root-servers.net.
> . 516836 IN NS i.root-servers.net.
> . 516836 IN NS j.root-servers.net.
> . 516836 IN NS b.root-servers.net.
> . 516836 IN NS h.root-servers.net.
> . 516836 IN NS k.root-servers.net.
> . 516836 IN NS m.root-servers.net.
> . 516836 IN NS l.root-servers.net.
> . 516836 IN NS d.root-servers.net.
> . 516836 IN NS e.root-servers.net.
> . 516836 IN NS g.root-servers.net.
> ;; Received 512 bytes from 172.31.1.254#53(172.31.1.254) in 13 ms
>
> br. 172800 IN NS a.dns.br.
> br. 172800 IN NS b.dns.br.
> br. 172800 IN NS c.dns.br.
> br. 172800 IN NS d.dns.br.
> br. 172800 IN NS e.dns.br.
> br. 172800 IN NS f.dns.br.
> ;; Received 323 bytes from 192.203.230.10#53(192.203.230.10) in 139 ms
>
> tasker.com.br. 86400 IN NS ns1.locaweb.com.br.
> tasker.com.br. 86400 IN NS ns2.locaweb.com.br.
> tasker.com.br. 86400 IN NS ns3.locaweb.com.br.
> ;; Received 153 bytes from 200.160.0.10#53(200.160.0.10) in 34 ms
>
> ;; Warning: Message parser reports malformed message packet.
> ;; Truncated, retrying in TCP mode.
> ;; Connection to 201.76.40.2#53(201.76.40.2) for
> www.sondait.tasker.com.br failed: connection refused.
> ;; Connection to 187.45.246.2#53(187.45.246.2) for
> www.sondait.tasker.com.br failed: connection refused.
> ;; Connection to 189.126.108.2#53(189.126.108.2) for
> www.sondait.tasker.com.br failed: connection refused.
>
>
> I don't know where to start to solve this issue. Using my Internet
> provider's DNS I got a positive answer.
>
> Could you please help me solve this issue?
>
>
> Thanks in advance.
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list