How to Produce "Invalid RR Type" Messages?
Kevin Darcy
kcd at daimlerchrysler.com
Fri Jun 1 20:48:59 UTC 2001
Barry Finkel wrote:
> I wrote:
> >>
> >> I am seeing lots of messages such as these in our BIND syslog files:
> >>
> >> May 29 07:48:40 dns2.anl.gov named[140]: invalid RR type 'MX'
> >> in authority section (name = 'nvl.army.mil')
> >> from [130.114.200.6].53
> >> May 29 07:48:40 dns2.anl.gov named[140]:
> >> invalid RR type 'A' in authority section (name = 'nvl.army.mil')
> >> from [130.114.200.6].53
>
> Thor Kottelin <thor at anta.net> replied:
> > There's a brief explanation available at
> > <URL:http://www.acmebw.com/askmrdns/bind-messages.html#idx_i>.
>
> The explanation there says, "All of these messages indicate a flaw in
> the implementation (not the configuration) of the remote name server."
>
> The Army hides the version of their DNS server, so I have no idea what
> they are running. My question now is this - If the Army is running
> BIND (8.x or 9.x), is there any way for them to have the errors I am
> seeing?
My speculation is that something is munging the contents of the response
header packet. If the section counts are messed up, then RRs can appear to be
in the wrong sections, thus an MX record in Authority instead of Answer and
A in Authority instead of Additional. It seems unlikely though, that only the
header would be munged, and not the RRs themselves. I'd expect munged RRs to
be caught at a lower level of the response-processing code.
- Kevin
More information about the bind-users
mailing list