resolver: DNS format error from
Matus UHLAR - fantomas
uhlar at fantomas.sk
Wed May 17 12:40:28 UTC 2023
On 17.05.23 11:31, Greg Choules via bind-users wrote:
>TL;DR 9.18 is stricter than 9.16 at handling junk responses from
>authoritative servers.
I think there were even "DNS flag day"s when operators were supposed to
install/configure systems that comply to standards.
After next DNS flag say (none announced afaik) we should expect broken
servers stop being supported - whoever owns one, will have troubles.
>Looking at a packet capture for this from my own BIND server (9.18.14) the
>response from 195.178.56.17 is FORMERR, which tends to mean that it objects
>to something in the query. The correct response to something you don't like
>is to ignore it, so this server is not obeying protocol and 9.18 is not
>going to try and work around broken behaviour.
>
>I disabled sending of cookies to this server and now it works. It could be
>that it doesn't like cookies, or just any EDNS option that it doesn't know
>what to do with. Either way, it should be fixed.
>On Tue, 16 May 2023 at 15:53, Alex <mysqlstudent at gmail.com> wrote:
>> I have a bind-9.18.7 system on fedora37 and having some strange errors
>> with some queries.
>>
>> $ host info.apr.gov.rs
>> Host info.apr.gov.rs not found: 2(SERVFAIL)
>>
>> in my bind logs I have the following:
>> 16-May-2023 10:37:49.800 resolver: DNS format error from 195.178.56.17#53
>> resolving ns1.apr.gov.rs/AAAA for <unknown>: server sent FORMERR
>> 16-May-2023 10:37:49.800 lame-servers: received FORMERR resolving '
>> ns1.apr.gov.rs/AAAA/IN': 195.178.56.17#53
>> 16-May-2023 10:37:49.800 lame-servers: timed out resolving '
>> info.apr.gov.rs/A/IN': 212.62.49.194#53
>> 16-May-2023 10:37:49.800 query-errors: client @0x7f9d546d5168
>> 127.0.0.1#59712 (info.apr.gov.rs): query failed (failure) for
>> info.apr.gov.rs/IN/A at ../../../lib/ns/query.c:7717
>>
>> In the limited search results I've found for this, I believe it has
>> something to do with dnssec or EDNS, but I really don't know how to
>> troubleshoot this. Is this a known problem?
>>
>> It also appears to be happening with even hosts like ticketmaster?
>> 16-May-2023 10:21:09.348 lame-servers: FORMERR resolving '
>> engage.ticketmaster.com/NS/IN': 205.251.194.123#53
>>
>> The host resolves fine on my bind-9.16.38 system using the exact same
>> configuration, as well as most or all public resolvers.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
- Have you got anything without Spam in it?
- Well, there's Spam egg sausage and Spam, that's not got much Spam in it.
More information about the bind-users
mailing list