lame-servers: error (FORMERR) resolving [something]
lyle at lcrcomputer.net
Sat Jan 12 04:08:58 UTC 2013
On 01/11/13 03:05, Daniele wrote:
> Port 53 is open, I can also telnet it from another box in the same
> Now I think the problem can be on the packets size, because I'm trying
> every solution but nothing works.
> 2013/1/9 Lyle Giese <lyle at lcrcomputer.net <mailto:lyle at lcrcomputer.net>>
> On 01/09/13 08:39, Daniele wrote:
>> 2013/1/9 Phil Mayers <p.mayers at imperial.ac.uk
>> <mailto:p.mayers at imperial.ac.uk>>
>> On 09/01/13 13:53, Daniele wrote:
>> This is the scenario.
>> I installed BIND9 via `apt-get` on a newly installed
>> UBUNTU 12.04,
>> virtualized on VirtualBox.
>> The network works properly because if I indicate a
>> different server from
>> my own BIND9 (the first line of '/etc/resolv.conf' is,
>> for example,
>> `nameserver 188.8.131.52`) the lookups and any action on the
>> Internet succeed.
>> No, this assumption is not valid.
>> I meant that I can reach the Internet and, vice versa, the
>> Internet can reach my terminal.
>> Please visithttps://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>> bind-users mailing list
>> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> Recursive queries that named does for a client are different than
> your machine as a dns client reaching out to Google's recursive
> You need to have UDP & TCP port 53 open to your recursive
> server(the one running named) first of all. And if any network
> element within your network limits the size of UDP packets, you
> will have problems with EDNS0 queries.
> On this box running named, try this:
> dig +trace www.msn.com <http://www.msn.com>
> dig +trace imperial.ac.uk <http://imperial.ac.uk>
> After dig gets a copy of the root servers from the local named, it
> will do the same type of queries that a recursive name server does.
> Lyle Giese
> LCR Computer Services, Inc.
Saying port 53 is open because you can telnet to it from a local
computer is a very limited test.
1) Telnet only use TCP, UDP is the primary/first communication channel
2) The router between this computer and the Internet is not at fault?
You have done no tests to prove that one way or the other.
Do a couple of dig +trace runs and see what that shows. And try some
any queries to a dnssec enable domain.
LCR Computer Services, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users