formerr for some queries until named restarted
Mark Andrews
Mark_Andrews at isc.org
Tue Aug 7 00:03:23 UTC 2007
> Others have responded with alternative configurations, so I'll not repeat
> those.
>
> If you'd like to investigate further, regardless of the ultimate
> configuration, then please note:
>
> FORMERR means the remote server server replied that the query had a format
> error. There are a bunch of reasons why DNS servers respond with FORMERR. In
> this regard, search engines are your friend ;) Perhaps the log on the modem
> may be of assistance?
No. It means named doesn't like the format of the response.
> Due to the nature of DSL services you may wish to retry the query soon
> afterwards, but after the negative cache has expired for the zone in
> question.
>
> It appears that linux box->modem appears to be the issue, so the suggestions
> from this list may well side step the issue, by using the root servers.
>
> Alternatively, if your ISP needs those precious few bytes of bandwidth that
> customer lookups will rob them of, you could forward to a name server they
> provide for customers (may be in the modems configuration), hopefully they
> will handle the requests better than the modem.
>
> On 6/8/07 3:00 PM, "Jason Grant" <expires07 at logular.com> wrote:
>
> > I have an ADSL modem that can operate as a nameserver, albeit without a
> > caching capability.
> >
> > To introduce some caching on my home network, I've set up bind9.4 on
> > fedora7 as shown below. It forwards to the modem when it does not have
> > an answer in its cache, and it is running in IPV4 mode with the -4
> > switch.
> >
> > With this setup, I regularly have a problem with named returning
> > SERVFAIL, and logging FORMERRs for particular queries (sample below).
> > After named returns an error it continues to do so for the same query
> > until it is restarted. If I query the modem directly, it resolves the
> > name without a problem. After restarting named, the query works fine.
> >
> > Another possible clue: this fault seems to occur repeatedly only for a
> > handful of queries. In recent days, I've encountered this problem
> > repeatedly for the following names, whereas others work fine:
> >
> > FORMERR resolving 'addons.glb.mozilla.com/A/IN': 192.168.1.1#53
> > FORMERR resolving 'download.eclipse.org/A/IN': 192.168.1.1#53
> > FORMERR resolving 'ftp.nai.com/A/IN': 192.168.1.1#53
> > FORMERR resolving 'madheifer.pacific.net.au/A/IN': 192.168.1.1#53
> > FORMERR resolving 'mail.internode.on.net/A/IN': 192.168.1.1#53
> > FORMERR resolving 'subclipse.tigris.org/A/IN': 192.168.1.1#53
> > FORMERR resolving 'update.nai.com/A/IN': 192.168.1.1#53
> >
> > Possible causes or troubleshooting tips appreciated.
> >
> > Thanks,
> >
> > Jason.
> >
> > # -------------------------------------------------
> > # My named.conf
> > # -------------------------------------------------
> > // Define an access list for our internal network
> > acl internal { 192.168.1.0/24; 127.0.0.1; };
> >
> > options {
> > directory "/var/named";
> >
> > // Forwarding occurs only on those queries for which the server
> > // is not authoritative and does not have an answer in its cache
> > forward only;
> > // adsl modem (running in router mode with DNS)
> > forwarders {
> > 192.168.1.1;
> > };
> >
> > # listen on localhost and internal interface only
> listen-on port 53 { 127.0.0.1; 192.168.1.254; };
> > dump-file "/var/named/data/cache_dump.db";
> > statistics-file "/var/named/data/named_stats.txt";
> > memstatistics-file "/var/named/data/named_mem_stats.txt";
> > query-source port 53;
> > allow-query { internal; };
> > };
> >
> > # -------------------------------------------------
> > # Oops, named cannot resolve my ISP's mail server
> > # -------------------------------------------------
> > [jas at talby ~]$ dig mail.internode.on.net
> >
> > ; <<>> DiG 9.4.1 <<>> mail.internode.on.net
> > ;; global options: printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 60323
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;mail.internode.on.net. IN A
> >
> > ;; Query time: 18 msec
> > ;; SERVER: 192.168.1.254#53(192.168.1.254)
> > ;; WHEN: Mon Aug 6 14:29:12 2007
> > ;; MSG SIZE rcvd: 39
> >
> > # -------------------------------------------------
> # It logged a FORMERR during the query above
> > # -------------------------------------------------
> > Aug 6 14:28:22 talby named[5074]: FORMERR resolving
> > 'mail.internode.on.net/A/IN': 192.168.1.1#53
> >
> > # -------------------------------------------------
> > # After restarting named, the query works fine
> > # -------------------------------------------------
> > [jas at talby ~]$ dig mail.internode.on.net
> >
> > ; <<>> DiG 9.4.1 <<>> mail.internode.on.net
> > ;; global options: printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61635
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
> >
> > ;; QUESTION SECTION:
> > ;mail.internode.on.net. IN A
> >
> > ;; ANSWER SECTION:
> > mail.internode.on.net. 41 IN A 203.16.214.182
> >
> > ;; AUTHORITY SECTION:
> > internode.on.net. 1086 IN NS ns3.on.net.
> > internode.on.net. 1086 IN NS ns2.on.net.
> > internode.on.net. 1086 IN NS ns4.on.net.
> > internode.on.net. 1086 IN NS ns1.on.net.
> >
> > ;; ADDITIONAL SECTION:
> > ns1.on.net. 40942 IN A 216.200.145.64
> > ns2.on.net. 40911 IN A 192.231.203.2
> > ns3.on.net. 40942 IN A 192.83.231.19
> > ns4.on.net. 43812 IN A 192.231.203.3
> >
> > ;; Query time: 68 msec
> > ;; SERVER: 192.168.1.254#53(192.168.1.254)
> > ;; WHEN: Mon Aug 6 14:30:50 2007
> > ;; MSG SIZE rcvd: 191
> >
> >
>
> --
> Kal Feher
>
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list