Discussion:
Error logs in bind resolving
Gaurav Kansal
2013-12-30 10:29:19 UTC
Permalink
Dear All,



In my bind server logs, I am getting too much error logs of below mentioned
type.

Can anyone pl. explain me why I am getting these logs and how to get rid of
those.



Although when I am doing dig for the domain (for which I am getting the
error), I am getting the valid output.



Thanks.



Dec 30 15:54:18 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53

Dec 30 15:54:18 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53

Dec 30 15:54:39 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53

Dec 30 15:54:39 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53

Dec 30 15:54:40 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53

Dec 30 15:54:40 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53

Dec 30 15:54:40 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'm.ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53

Dec 30 15:54:41 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53

Dec 30 15:54:41 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'm.ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53

Dec 30 15:54:42 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53

Dec 30 15:54:43 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53

Dec 30 15:54:43 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53

Dec 30 15:54:52 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'w27.b.cap-mii.net/AAAA/IN': 120.89.70.10#53

Dec 30 15:54:52 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'w27.b.cap-mii.net/AAAA/IN': 216.38.174.11#53

Dec 30 15:54:52 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'w27.b.cap-mii.net/AAAA/IN': 120.89.70.11#53

Dec 30 15:54:52 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'w27.b.cap-mii.net/AAAA/IN': 216.38.174.10#53

Dec 30 15:54:53 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'w27.b.cap-mii.net/AAAA/IN': 120.89.70.11#53

Dec 30 15:54:53 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'w27.b.cap-mii.net/AAAA/IN': 216.38.174.11#53

Dec 30 15:54:53 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'w27.b.cap-mii.net/AAAA/IN': 120.89.70.10#53

Dec 30 15:54:53 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'w27.b.cap-mii.net/AAAA/IN': 216.38.174.10#53

Dec 30 15:55:31 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53

Dec 30 15:55:32 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53

Dec 30 15:55:32 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53

Dec 30 15:55:32 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53



Thanks and Regards,

Gaurav Kansal

Emp Code - 6274

Mob - 9910118448

Intercom - 7331



Have you enabled IPv6 on something today...?
Chris Buxton
2013-12-30 18:23:26 UTC
Permalink
Post by Gaurav Kansal
Dear All,
In my bind server logs, I am getting too much error logs of below mentioned type.
Can anyone pl. explain me why I am getting these logs and how to get rid of those.
Although when I am doing dig for the domain (for which I am getting the error), I am getting the valid output.
Thanks.
Dec 30 15:54:18 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving 'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53
I see an incorrect negative response. Could this be the problem? Here is the end of a dig trace:

geoadnxs.com. 172800 IN NS 01.auth.nym1.appnexus.net.
geoadnxs.com. 172800 IN NS 01.auth.nym2.appnexus.net.
geoadnxs.com. 172800 IN NS 01.auth.lax1.appnexus.net.
geoadnxs.com. 172800 IN NS 01.auth.ams1.appnexus.net.
;; Received 222 bytes from 192.33.14.30#53(192.33.14.30) in 123 ms

sin1.geoadnxs.com. 86400 IN NS ns2.apac.gslb-ns.net.
sin1.geoadnxs.com. 86400 IN NS ns1.apac.gslb-ns.net.
;; Received 122 bytes from 68.67.133.169#53(68.67.133.169) in 67 ms

geoadnxs.com. 30 IN SOA ns1.gslb.com. support.appnexus.net. 1 86400 30 86400 30
;; Received 103 bytes from 64.208.141.10#53(64.208.141.10) in 187 ms
_______________________________

My resolving name server complains as follows:

Dec 30 10:19:45 ubuntu named[1299]: DNS format error from 64.208.141.10#53 resolving ib.sin1.geoadnxs.com/AAAA for client ::1#60014: invalid response
Dec 30 10:19:45 ubuntu named[1299]: error (FORMERR) resolving 'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53
Dec 30 10:19:45 ubuntu named[1299]: DNS format error from 64.208.141.11#53 resolving ib.sin1.geoadnxs.com/AAAA for client ::1#60014: invalid response
Dec 30 10:19:45 ubuntu named[1299]: error (FORMERR) resolving 'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53
_______________________________

I believe the problem is that when asked for an AAAA record, the load balancer gives an otherwise-proper-looking negative response that claims to be from the wrong zone.

Regards,
Chris Buxton
Gaurav Kansal
2013-12-31 05:46:52 UTC
Permalink
Hi Chris,



Thanks for your response.

I am getting the error message for lot of domains.



Log of error entries are attached.



Is it possible to configure bind so that error message should not be
generated in logs file.





Regards,

Gaurav Kansal





-----Original Message-----
From: Chris Buxton [mailto:***@buxtonfamily.us]
Sent: Monday, December 30, 2013 11:53 PM
To: Gaurav Kansal
Cc: BIND Users
Subject: Re: Error logs in bind resolving
Post by Gaurav Kansal
Dear All,
In my bind server logs, I am getting too much error logs of below mentioned type.
Can anyone pl. explain me why I am getting these logs and how to get rid of those.
Although when I am doing dig for the domain (for which I am getting the
error), I am getting the valid output.
Post by Gaurav Kansal
Thanks.
Dec 30 15:54:18 IPV6-NKN-DNS named[13123]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53
I see an incorrect negative response. Could this be the problem? Here is the
end of a dig trace:



geoadnxs.com. 172800 IN NS
01.auth.nym1.appnexus.net.

geoadnxs.com. 172800 IN NS
01.auth.nym2.appnexus.net.

geoadnxs.com. 172800 IN NS
01.auth.lax1.appnexus.net.

geoadnxs.com. 172800 IN NS
01.auth.ams1.appnexus.net.

;; Received 222 bytes from 192.33.14.30#53(192.33.14.30) in 123 ms



sin1.geoadnxs.com. 86400 IN NS
ns2.apac.gslb-ns.net.

sin1.geoadnxs.com. 86400 IN NS
ns1.apac.gslb-ns.net.

;; Received 122 bytes from 68.67.133.169#53(68.67.133.169) in 67 ms



geoadnxs.com. 30 IN SOA
ns1.gslb.com. support.appnexus.net. 1 86400 30 86400 30

;; Received 103 bytes from 64.208.141.10#53(64.208.141.10) in 187 ms
_______________________________



My resolving name server complains as follows:



Dec 30 10:19:45 ubuntu named[1299]: DNS format error from 64.208.141.10#53
resolving ib.sin1.geoadnxs.com/AAAA for client ::1#60014: invalid response
Dec 30 10:19:45 ubuntu named[1299]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.10#53 Dec 30 10:19:45 ubuntu
named[1299]: DNS format error from 64.208.141.11#53 resolving
ib.sin1.geoadnxs.com/AAAA for client ::1#60014: invalid response Dec 30
10:19:45 ubuntu named[1299]: error (FORMERR) resolving
'ib.sin1.geoadnxs.com/AAAA/IN': 64.208.141.11#53
_______________________________



I believe the problem is that when asked for an AAAA record, the load
balancer gives an otherwise-proper-looking negative response that claims to
be from the wrong zone.



Regards,

Chris Buxton
Chris Buxton
2014-01-01 07:20:21 UTC
Permalink
Post by Gaurav Kansal
I am getting the error message for lot of domains.
Log of error entries are attached.
All the ones I checked were caused by broken implementations.
Post by Gaurav Kansal
Is it possible to configure bind so that error message should not be generated in logs file.
They’re logged as errors. I’m not sure I’d want to suppress these errors. Maybe your log service can be configured to filter them out more specifically than what can be done with named’s own logging capability.

Regards,
Chris Buxton
Gaurav Kansal
2014-01-01 07:25:33 UTC
Permalink
Thanks Chris for your useful comments.



On Dec 30, 2013, at 9:46 PM, Gaurav Kansal <***@nic.in> wrote:

I am getting the error message for lot of domains.



Log of error entries are attached.



All the ones I checked were caused by broken implementations.

Is this a broken implementation of IPv6 or something else. As this DNS
Server is running IPv6 only.



Is it possible to configure bind so that error message should not be
generated in logs file.



They're logged as errors. I'm not sure I'd want to suppress these errors.
Maybe your log service can be configured to filter them out more
specifically than what can be done with named's own logging capability.

Ok. will try to play around with logging options.



Thanks for your help and happy new year. J



Regards,

Gaurav Kansal
Chris Buxton
2014-01-02 17:16:48 UTC
Permalink
Post by Gaurav Kansal
Thanks Chris for your useful comments.
Post by Chris Buxton
Post by Gaurav Kansal
I am getting the error message for lot of domains.
Log of error entries are attached.
All the ones I checked were caused by broken implementations.
Is this a broken implementation of IPv6 or something else. As this DNS Server is running IPv6 only.
Broken implementations of name servers. They’re probably mostly load balancers.

Regards,
Chris Buxton

Continue reading on narkive:
Loading...