lame-servers: error (FORMERR) resolving [something]
d.imbrogino at gmail.com
Wed Jan 9 13:53:58 UTC 2013
This is the scenario.
I installed BIND9 via `apt-get` on a newly installed UBUNTU 12.04,
virtualized on VirtualBox.
The network works properly because if I indicate a different server from my
own BIND9 (the first line of '/etc/resolv.conf' is, for example,
`nameserver 18.104.22.168`) the lookups and any action on the Internet succeed.
BIND9 configuration is the default one.
I deleted all local zones that I added (even if internal lookups worked
correctly). Now there are only default zones (root, localhost,
127.in-addr.arpa, 0.in-addr.arpa, 255.in-addr.arpa).
Options are the default ones
In this situation, if I dig anything the lookup fails, and the log is full
of "lame server" and "FORMERR".
Perhaps the problem is due to the presence of “dnssec-validaton“ line?
2013/1/8 Matus UHLAR - fantomas <uhlar at fantomas.sk>
> > Sometimes I can't resolve some addresses and, in the logs, I can find
>>> > the message in the title:
>>> > lame-servers: error (FORMERR) resolving [something]
>>> > (where `something` is the address I'm trying to resolve).
>>> > What does it means?
> 2013/1/8 Shane Kerr <shane at isc.org>
>>> When acting as a recursive resolver, BIND 9 follows the chain of
>>> delegation from the root, contacting name servers identified for each
>>> domain on the way.
>>> In this case, one of those name servers returned a packet that BIND 9
>>> did not like for some reason - a FORMat ERRor. The offending server is
>>> marked as "lame" since it cannot answer queries for the domain in
>>> The message should also include the IP address of the server that it is
>>> going to at the end of the line.
> On 08.01.13 13:05, Daniele wrote:
>> So it's not my responsibility to resolve the problem, right?
>> The point is that, sometimes, I can't resolve an address because of this
>> lame servers, and dig (for example) fails.
>> Is it possible?
> possible, yes. but I would not be sure, since there are many different
> reasons for the lookups to fail.
> and there are few web services that check proper DNS functionality. I
> check with more of them, since there's none I would completely trust.
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Spam = (S)tupid (P)eople's (A)dvertising (M)ethod
> Please visit https://lists.isc.org/mailman/**listinfo/bind-users<https://lists.isc.org/mailman/listinfo/bind-users>to unsubscribe from this list
> bind-users mailing list
> bind-users at lists.isc.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users