FORMERR on packet received from Forwarder
Tony Finch
dot at dotat.at
Mon Jun 16 16:34:32 UTC 2014
Levi Pederson <levipederson at mankatonetworks.net> wrote:
>
> I have an authoritative DNS server that is supposed to forward any
> unknowns to a specific upstream server.
You are mixing authoritative and recursive service in a way that is not
going to work well.
Forwarding is designed for recursive clients. It doesn't make sense to
forward queries on an authoritative server.
When BIND forwards to an upstream server it makes recursive queries and
expects the upstream server to return a complete response. Your upstream
server is not a recursive server: there is no RA bit set in the response,
and the response is a referral. BIND is objecting to a "non-improving
referral" which means that BIND thinks the server is authoritative for
zone X but the referral says zone X is elsewhere.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Fisher: North or northwest 5 to 7, occasionally gale 8 at first. Moderate or
rough. Fair. Good.
More information about the bind-users
mailing list