When this message happens name service times out.

Cinense, Mark macinen at sandia.gov
Tue May 16 14:16:09 UTC 2000


I think I may have located the problem.  It seems that this message:

May 15 19:07:30 ns3 named[2346]: refused query on non-query socket from
[134.253.159.16].53

	Might have something to do with this:

Mon May 15 19:02:46 MDT 2000

root  2289     1  0 19:00:00 ?        0:00 /usr/local/sbin/named-xfer -z
os.kcp.com -f secondary/db.os.kcp.com -i secondar

	could someone please verify if this would be correct.

Mark


		-----Original Message-----
		From:	Barry Margolin [mailto:barmar at genuity.net]
		Sent:	May 09, 2000 11:13 AM
		To:	comp-protocols-dns-bind at moderators.isc.org
		Subject:	Re: When this message happens name service
times out.

		In article <18926.957890223 at gromit.rfc1035.com>,
		Jim Reid  <jim at rfc1035.com> wrote:
		>    Mark> May 9 07:50:20 ns4 named[22455]: refused query on
non-query
		>socket from [134.253.93.44].2072 
		>    Mark> May 9 07:50:20 ns4 named[22455]: refused query on
non-query
		>socket from [134.253.22.3].53
		>
		>These messages should be self-explanatory. A query with
source IP
		>address 134.253.22.3 and port number 53 - presumably a name
server? -
		>was sent to a socket that your name server didn't expect to
get
		>queries on.

		Actually, they're not quite so "self-explanatory".  When
this message is
		produced, named hasn't actually checked that the message is
a real query.
		What it really means is "A message that doesn't have the
'Query Reply' flag
		set was received on the random port that is used for replies
to recursive
		queries."  The wording of the message is based on the
assumption that a
		message to a DNS server is either a query or a reply, and if
the QR flag
		isn't set it must be a query; but it could be total garbage
(there's a 50%
		chance that a packet with random data will not have the QR
flag set).

		-- 
		Barry Margolin, barmar at genuity.net
		Genuity, Burlington, MA
		*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them
to newsgroups.
		Please DON'T copy followups to me -- I'll assume it wasn't
posted to the group.
		




More information about the bind-users mailing list