Understanding cause of DNS format error (FORMERR)

Gabriele Paggi gabriele.pgi at gmail.com
Tue Jun 26 12:55:44 UTC 2012

Hello Sam,

> There's some kind of delegation bug as well.  If I query
> dns1[0-3].one.microsoft.com for SOA and NS for
> partners.extranet.microsoft.com you get sensible answers though the
> origin host is different for each server queried and those origins are
> privately addressed.

Which kind of misconfiguration could lead to SOA records for hosts on
the internet to be privately addressed?
Misconfigured split horizon server?

> The authority for zero-answer responses such as
> vlasext.partners.extranet.microsoft.com/IN/AAAA is the SOA for
> partners.extranet.microsoft.com

What do you mean with "authority for zero-answer responses"?
What is the normal authority response I should get when querying for
non-existent records?
I'm trying a few third level domains (e.g. fabric.readthedocs.org) and
I most of the time get as authority section the SOA for the second
level domain (readthedocs.org).


> It's all rather horrible.

I concur!


More information about the bind-users mailing list