FORMERR-Format error issue
Scott Richardson
scott at bullittcomm.com
Thu Feb 1 05:27:06 UTC 2024
Hello,
-I have been troubleshooting a format error in BIND 9 for about a week
at this point.
-The symptoms:
-I am unable to resolve members.nmar.com.
-The nslookup output from a client to OUR private recursive DNS server
is as follows:
> members.nmar.com
Server: [100.101.0.10]
Address: 100.101.0.10
*** [100.101.0.10] can't find members.nmar.com: Server failed
-Our DNS server log output follows:
Jan 26 13:48:00 dns1 named[1609]: FORMERR resolving
'members.nmar.com/A/IN': 216.40.47.26#53
Jan 26 13:48:00 dns1 named[1609]: FORMERR resolving
'members.nmar.com/A/IN': 64.98.148.13#53
-It works with Cloudfare and Goole however:
> server 8.8.8.8
Default Server: dns.google
Address: 8.8.8.8
> members.nmar.com
Server: dns.google
Address: 8.8.8.8
Non-authoritative answer:
Name: public.west.us.memberzone.org
Address: 172.170.249.2
Aliases: members.nmar.com
-If I dig this from one of our other server it fails as well unless I
add the +norec option which DOES work.
-If I perform an nslookup to their authoritative DNS servers I get a
referral to the root name server list:
Server: ns1.hover.com
Address: 216.40.47.26
Name: nmar.com
Address: 20.25.91.29
> members.nmar.com
Server: ns1.hover.com
Address: 216.40.47.26
Non-authoritative answer:
Non-authoritative answer:
Name: members.nmar.com
Served by:
- a.root-servers.net
- b.root-servers.net
- c.root-servers.net
- d.root-servers.net
- e.root-servers.net
- f.root-servers.net
- g.root-servers.net
- h.root-servers.net
- i.root-servers.net
- j.root-servers.net
-I am not sure if this is an issue with us or them or I need to adjust
my configuration somehow to accommodate a problem on their server. I am
not sure why other DNS is working but ours is failing.
-This is tested with our server firewall disabled.
-I have disabled firewall rules within our network to confirm NO
firewall issues are causing this.
-I have checked the DNS with our upstream and they are resolving this
url correctly; therefore I don't suspect firewall issues within their
network.
-We are not using IPV6 at all at this time.
-This is occurring with both of our redundant DNS servers and I fired up
a test server with Bind 9.16 and it is giving me the same result.
-Any thoughts or suggestions would be very helpful and much appreciated!
Regards,
Scott
More information about the bind-users
mailing list