DNS format error
ic.nssip
Apr 27 19:13:03 ns.domain.net last message repeated 2 times
Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 204.77.28.20#53 resolving www25.victoriassecret.com/AAAA for client 216.108.17.179#65160: invalid response
Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 66.179.173.211#53 resolving www25.victoriassecret.com/AAAA for client 216.108.17.179#65160: invalid response
Apr 27 19:13:03 ns.domain.net last message repeated 2 times
Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 204.77.28.20#53 resolving www25.victoriassecret.com/AAAA for client 216.108.17.179#65160: invalid response
Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 208.16.208.26#53 resolving ocsp.entrust.net/AAAA for client 216.108.168.4#64789: invalid response
Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 207.19.96.22#53 resolving ocsp.entrust.net/AAAA for client 216.108.168.4#64789: invalid response
Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 204.77.28.20#53 resolving www25.victoriassecret.com/AAAA for client 216.108.17.179#65160: invalid response
Apr 27 19:13:09 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 208.122.22.2#53 resolving 3617.voxcdn.com/AAAA for client 216.108.171.241#61168: invalid response
Apr 27 19:13:09 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 208.122.22.1#53 resolving 3617.voxcdn.com/AAAA for client 216.108.171.241#61168: invalid response
Apr 27 19:13:30 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 204.77.28.20#53 resolving www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid response
Apr 27 19:13:31 ns.domain.net last message repeated 1 time
Apr 27 19:13:31 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 66.179.173.211#53 resolving www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid response
Apr 27 19:13:31 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 209.235.30.142#53 resolving www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid response
Apr 27 19:13:31 ns.domain.net last message repeated 2 times
Apr 27 19:13:31 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 66.179.173.211#53 resolving www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid response
Apr 27 19:13:31 ns.domain.net last message repeated 1 time
Apr 27 19:13:31 ns.domain.net named[25674]: [ID 873579 daemon.notice] DNS format error from 204.77.28.20#53 resolving www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid response
Chuck Anderson
> I hope somebody can tell me why I'm getting so many "DNS format
> error" on a DNS Server running BIND 9.7.0 on a Solaris 10 machine.
> The server is resolving fine queries for normal traffic. Is just
> syslog that gets tones of messages like the ones in the next
> capture. The start command for named is: "/usr/local/sbin/named -4
> -c /etc/named.conf" but I get the errors no matter if I use "-4"
> option or not.
>
> daemon.notice] DNS format error from 209.235.30.142#53 resolving
> www25.victoriassecret.com/AAAA for client 216.108.17.179#65160:
> invalid response
I get these also. victoriassecret.com must be using a broken DNS
server or DNS load balancer that doesn't understand AAAA records.
This isn't about your BIND server querying /over/ IPv6, it is about
your BIND server asking for AAAA records, probably because it was
asked to resolve AAAA records on behalf of its recursive clients. All
the popular operating systems will do this by default now. You can
just ignore the messages.
Chuck Anderson
Mark Andrews
In message <50F2FA04B0CE44D4...@internal.corp.ds>, "ic.nssip" writ
es:
> Hello everyone,
>
> I hope somebody can tell me why I'm getting so many "DNS format error" =
> on a DNS Server running BIND 9.7.0 on a Solaris 10 machine.
> that gets tones of messages like the ones in the next capture.
> /etc/named.conf" but I get the errors no matter if I use "-4" option or =
> not.
>
> Thank you for any advice on how to fix whatever causes this errors.
> Julian
>
>
> DNS format error from 209.235.30.142#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#65160: invalid =
> response
Yet another misconfigured load balancer. Note the SOA record
returned does not match the zone delegated to the nameserver.
Complain to the administrators of the load balancer.
www25.victoriassecret.com. 7200 IN NS ns3.coremetrics.com.
www25.victoriassecret.com. 7200 IN NS ns2.coremetrics.com.
www25.victoriassecret.com. 7200 IN NS ns1.coremetrics.com.
;; Received 109 bytes from 64.211.42.196#53(usw4.akam.net) in 209 ms
com. 60 IN SOA infgslb1.mgt.coremetrics.com. hostmaster.infgslb1.mgt.coremetrics.com. 12780 10800 3600 604800 60
;; Received 115 bytes from 204.77.28.20#53(ns3.coremetrics.com) in 222 ms
> Apr 27 19:13:03 ns.domain.net last message repeated 2 times
> Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 204.77.28.20#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#65160: invalid =
> response
> Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 66.179.173.211#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#65160: invalid =
> response
> Apr 27 19:13:03 ns.domain.net last message repeated 2 times
> Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 204.77.28.20#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#65160: invalid =
> response
> Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 208.16.208.26#53 resolving ocsp.entrust.net/AAAA =
> for client 216.108.168.4#64789: invalid response
And here but not quite such a gross mis-configuration load balancer.
At least it is not a TLD being returned.
ocsp.entrust.net. 7200 IN NS gns1.sungardns.com.
ocsp.entrust.net. 7200 IN NS gns2.sungardns.com.
;; Received 85 bytes from 216.13.122.23#53(secondary-ns1.allstream.com) in 967 ms
entrust.net. 60 IN SOA phlig3.oamp.sgns.net. hostmaster.phlig3.oamp.sgns.net. 14 10800 3600 604800 60
;; Received 98 bytes from 208.16.208.26#53(gns2.sungardns.com) in 613 ms
> Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 207.19.96.22#53 resolving ocsp.entrust.net/AAAA =
> for client 216.108.168.4#64789: invalid response
> Apr 27 19:13:03 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 204.77.28.20#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#65160: invalid =
> response
> Apr 27 19:13:09 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 208.122.22.2#53 resolving 3617.voxcdn.com/AAAA for =
> client 216.108.171.241#61168: invalid response
This one fails to return the CNAME to content.sjc1.site.voxcdn.net
when the query type is AAAA so you get a unrelated SOA record.
voxcdn.com. 172800 IN NS ns1.voxcdn.net.
voxcdn.com. 172800 IN NS ns2.voxcdn.net.
;; Received 111 bytes from 192.41.162.30#53(l.gtld-servers.net) in 240 ms
sjc1.site.voxcdn.net. 120 IN SOA ns.voxel.net. hostmaster.voxel.net. 1241458166 10800 3600 604800 120
;; Received 109 bytes from 208.122.22.2#53(ns2.voxcdn.net) in 177 ms
> Apr 27 19:13:09 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 208.122.22.1#53 resolving 3617.voxcdn.com/AAAA for =
> client 216.108.171.241#61168: invalid response
> Apr 27 19:13:30 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 204.77.28.20#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid =
> response
> Apr 27 19:13:31 ns.domain.net last message repeated 1 time
> Apr 27 19:13:31 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 66.179.173.211#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid =
> response
> Apr 27 19:13:31 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 209.235.30.142#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid =
> response
> Apr 27 19:13:31 ns.domain.net last message repeated 2 times
> Apr 27 19:13:31 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 66.179.173.211#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid =
> response
> Apr 27 19:13:31 ns.domain.net last message repeated 1 time
> Apr 27 19:13:31 ns.domain.net named[25674]: [ID 873579 daemon.notice] =
> DNS format error from 204.77.28.20#53 resolving =
> www25.victoriassecret.com/AAAA for client 216.108.17.179#64803: invalid =
> response
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org