<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><div>Actually, the background is a little bit complicated. In short, the topo is as belows. dns1 were swapped by a new one (say dns1*), then the issue happened. After that, we dropped all the AAAA request from dns1*, then the issue was gone.</div><div><br></div><div>There is no config change during the whole process, no idea why the caching server has such log.</div><div><br></div><div>-------- ---------</div><div>|dns1 | | dns2 |</div><div>-------- ---------</div><div> | |</div><div> --------------</div><div> |</div><div><div> -----------------</div><div> |caching server| (where the log was observed)</div><div> ------------------</div><div><br></div><div style="font-size: 12px;font-family: Arial Narrow;padding:2px 0 2px 0;">------------------ Original ------------------</div><div style="font-size: 12px;background:#efefef;padding:8px;"><div><b>From: </b> "同屋";<39223722@qq.com>;</div><div><b>Send time:</b> Wednesday, Jan 6, 2021 8:43 PM</div><div><b>To:</b> "同屋"<39223722@qq.com>; "marka"<marka@isc.org>; <wbr></div><div><b>Cc:</b> "Bind-users"<Bind-users@lists.isc.org>; <wbr></div><div><b>Subject: </b> re:Re: "not subdomain of zone {XXXX} -- invalid response" errors found in named.run log</div></div><div><br></div><p>Thanks mark, but why this issue is related to load balancer? </p><br><br>------------------ Original Message ------------------<br><div style="font-size: 12px; background: none repeat scroll 0% rgb(239, 239, 239); padding: 8px;"><div><b>From: </b>"Mark Andrews"<marka@isc.org></marka@isc.org>;</div><div><b>Date: </b>2021-01-06 19:09</div><div><b>To: </b>"同屋"<39223722@qq.com>;</div><div><b>To: </b><p>"bind-users"<bind-users@lists.isc.org></bind-users@lists.isc.org>;</p></div><div><b>Subject: </b>Re: "not subdomain of zone {XXXX} -- invalid response" errors found in named.run log</div></div><br><br>Complain to the administrators of the zone. They have not properly delegated it. We see this often with load balancers. <div><br></div><div>The zone a.b.example has been delegated but the answer is as if it is from b.example. <br><div><br><div dir="ltr">-- <div>Mark Andrews</div></div><div dir="ltr"><br><blockquote type="cite">On 6 Jan 2021, at 21:02, 同屋 <39223722@qq.com> wrote:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr"><div><p data-sourcepos="1:1-2:201" dir="auto">The version of bind is BIND 9.10.5-P3 <a>id:7d5676f</a> </p><p data-sourcepos="1:1-2:201" dir="auto">One day, I found that the size of named.run is increasing very quickly. And a lot of "invalid response" entries were spotted in the log. Details is as follows (I replace the sensitive info with {xxxx},{AAA} etc.)</p>
<p data-sourcepos="4:1-4:265" dir="auto">DNS format error from {IP}<a href="https://wx.mail.qq.com/xmspamcheck/xmsafejump?func=1&check_src=2&key=NyDNgVQUrxPZNYERgv3SpvEeyvuEU%2Fp%2B%2B%2FEVAygQwizFp8Mk%2Fc%2BZoE4GEuPHfy8nuLB1ei%2BRxqvFudoTEo4Jjgcdc2QzZZnvQzSkw%2FqLT9prcN88hbMPI6QCa1nXb1W%2BMg%3D%3D&spam_err_code=0" data-original="#53" data-link="false" data-link-reference="false" data-project="1" data-issue="76" data-reference-type="issue" data-container="body" data-placement="top" title="Implement "NXDOMAIN cut" (RFC 8020)" class="gfm gfm-issue has-tooltip">#53</a> resolving {XXXX}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org/AAAA for client 169.254.4.50#51099: Name epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org (SOA) not subdomain of zone node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org -- invalid response</p>
<p data-sourcepos="6:1-6:52" dir="auto">The response related to the above log is as follows:</p>
<p data-sourcepos="8:1-13:65" dir="auto">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50664
;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;{XXXX}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. IN AAAA</p>
<p data-sourcepos="15:1-22:8" dir="auto">;; AUTHORITY SECTION:
;epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 86400 IN SOA .mnc{AAA}.mcc{BBB}.gprs. dns-admin. (
; 2020122704 ; serial
; 10800 ; refresh (3 hours)
; 3600 ; retry (1 hour)
; 604800 ; expire (1 week)
; 86400 ; minimum (1 day)
; )</p>
<p data-sourcepos="25:1-26:79" dir="auto">============================================</p><p data-sourcepos="25:1-26:79" dir="auto">Normally, the FQDN should be cached as a NXRRSET record as follows: </p><p data-sourcepos="25:1-26:79" dir="auto">{XXXX}.bf.bf.node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org. 8412 -AAAA ;-$NXRRSET</p>
<p data-sourcepos="28:1-28:100" dir="auto">But when the issue happens, it cannot be cached, I guess it's related to the "invalid response" log.</p>
<p data-sourcepos="30:1-30:228" dir="auto">From the error log, it mentions "zone node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org", but I'm wondering where the zone "node.epc.mnc{AAA}.mcc{BBB}.3gppnetwork.org" comes from? I cannot found the related SOA record in the dump file.</p></div><span>_______________________________________________</span><br><span>Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list</span><br><span></span><br><span>ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.</span><br><span></span><br><span></span><br><span>bind-users mailing list</span><br><span>bind-users@lists.isc.org</span><br><span>https://lists.isc.org/mailman/listinfo/bind-users</span><br></div></blockquote></div></div></div>