RCODE, FORMERR, and bad auth Errors

Steve Koon skoon at escapia.com
Thu Nov 6 04:52:45 UTC 2008 

So these are probably only temporary messages as we are migration
everything from UltraDNS to our own DNS servers.

Steve

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Mark Andrews
Sent: Wednesday, November 05, 2008 4:32 PM
To: Kevin Darcy
Cc: bind-users at isc.org
Subject: Re: RCODE, FORMERR, and bad auth Errors 


In message <49123512.1020204 at chrysler.com>, Kevin Darcy writes:
> I can resolve ns2.escapia.com/AAAA fine from both of those nameservers

> so either it was a temporary problem on the remote end, or you have
some 
> middlebox molesting your DNS packets.
> 
>

>                            - Kevin

	I see a referral.  For it to be a negative answer there
	needs to the SOA record in the authority section, AA=1 is
	not enough.  See RFC 2308.

	For it not the be a referral there needs to be a answer in
	the answer section or there needs to be a SOA record in the
	authority section.  The answers being returned from
	*.ultradns.net have neither.

	Bcc'd Support at UltraDNS.com so hopefully they can raise the
	issue with engineering.
	
	Mark

escapia.com.            172800  IN      NS      udns1.ultradns.net.
escapia.com.            172800  IN      NS      udns2.ultradns.net.
;; Received 117 bytes from 192.12.94.30#53(e.gtld-servers.net) in 4102
ms

escapia.com.            86400   IN      NS      pdns6.ultradns.co.uk.
escapia.com.            86400   IN      NS      pdns5.ultradns.info.
escapia.com.            86400   IN      NS      pdns4.ultradns.org.
escapia.com.            86400   IN      NS      pdns3.ultradns.org.
escapia.com.            86400   IN      NS      pdns2.ultradns.net.
escapia.com.            86400   IN      NS      pdns1.ultradns.net.
escapia.com.            86400   IN      NS      escapia.com.
;; BAD (HORIZONTAL) REFERRAL
;; Received 234 bytes from 204.69.234.1#53(udns1.ultradns.net) in 169 ms

 
> Steve Koon wrote:
> > I am getting some error messages in my primary dns server log file
and
> > was wondering if I could get a little help on what steps to take
that
> > would resolve these.
> >  
> >
> > Thanks,
> >
> > Steve
> >
> >  
> >
> >  
> >
> >  
> >
> > ===== Snapshot of the Primary Log file =====
> >
> > zone mthoodrentals.com/IN: sending notifies (serial 2008110402)
> >
> > unexpected RCODE (SERVFAIL) resolving 'ns2.escapia.com/AAAA/IN':
> > 63.251.161.33#53
> >
> > FORMERR resolving 'ns2.escapia.com/AAAA/IN': 204.69.234.1#53
> >
> > FORMERR resolving 'ns2.escapia.com/AAAA/IN': 204.74.101.1#53
> >
> > too many timeouts resolving 'ns2.escapia.com/AAAA' (in
'escapia.com'?):
> > disabling EDNS
> >
> > client 69.25.129.118#1886: transfer of
'bigtreesvacationrentals.com/IN':
> > AXFR started
> >
> > client 69.25.129.118#1886: transfer of
'bigtreesvacationrentals.com/IN':
> > AXFR ended
> >
> > client 69.25.129.117#4523: transfer of
'bigtreesvacationrentals.com/IN':
> > AXFR started
> >
> > client 69.25.129.117#4523: transfer of
'bigtreesvacationrentals.com/IN':
> > AXFR ended
> >
> > invalid command from 127.0.0.1#1454: bad auth
> >
> >  
> >
> >  
> >
> > ===== Primary name.conf =====
> >
> > options {
> >
> >  
> >
> >         directory "C:\WINDOWS\system32\dns\etc";
> >
> >         dump-file
"C:\WINDOWS\system32\dns\etc\named\dump\nameddump.db";
> >
> >         statistics-file
> > "C:\WINDOWS\system32\dns\etc\named\stats\named.stats";
> >
> >             pid-file
"C:\WINDOWS\system32\dns\etc\named\run\named.pid";
> >
> >             recursion yes;
> >
> >             zone-statistics yes;
> >
> >         forwarders { 63.251.161.33 ; 63.251.161.1; };
> >
> >  
> >
> >         #forward first;
> >
> >  
> >
> >         listen-on-v6 { any; };
> >
> >             dnssec-enable yes;
> >
> > };
> >
> >  
> >
> > key "rndc-key" { algorithm hmac-md5; secret "?????????????????????";
};
> >
> >  
> >
> > controls {
> >
> >             inet 127.0.0.1 port 953 allow { localhost; } keys {
> > "rndc-key"; };
> >
> > };
> >
> >  
> >
> >             logging{
> >
> >             channel my_log{
> >
> >                         file
> > "C:\WINDOWS\system32\dns\etc\named\log\named.log" versions 3 size
250k;
> >
> >                         severity info;
> >
> >             };
> >
> >             category default{
> >
> >                         my_log;
> >
> >             };
> >
> > };
> >
> >  
> >
> >  
> >
> > zone "." in {
> >
> >         type hint;
> >
> >         file "named\zones\root.servers";
> >
> > };
> >
> >  
> >
> > zone "localhost" in {
> >
> >         type master;
> >
> >         file "named\zones\master.localhost";
> >
> > };
> >
> >  
> >
> > zone "0.0.127.in-addr.arpa" in {
> >
> >         type master;
> >
> >         file "named\zones\localhost.rev";
> >
> > };
> >
> >  
> >
> >  
> >
> > # Reverse Zone for 69.25.129.0
> >
> > zone "129.25.69.IN-ADDR.ARPA" in {
> >
> >         type master;
> >
> >         file
> > "C:\WINDOWS\system32\dns\etc\named\zones\129.25.69.IN-ADDR.ARPA";
> >
> >             
> >
> > };
> >
> >  
> >
> > #
> >
> > zone bigtreesvacationrentals.com. in {
> >
> >         type master;
> >
> >         file
> >
"C:\WINDOWS\system32\dns\etc\named\zones\bigtreesvacationrentals.com.zon
> > e";
> >
> > };
> >
> >  
> >
> > #
> >
> > zone mthoodrentals.com. in {
> >
> >             type master;
> >
> >         file
> > "c:\windows\system32\dns\etc\named\zones\mthoodrentals.com.zone";
> >
> > };
> >
> >  
> >
> >  
> >
> >
> >
> >
> >
> >   
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list