Bind Named Error Unexpected Rcode Refused Resolving
Contents |
Bind logs? named[xxxxxx]: unexpected RCODE (REFUSED) resolving ‘xx.xx.xx.xx.in-addr.arpa/PTR/IN': xxx.xxx.xxx.xxx#53 This is probably because you have a forwarder in your named.conf that refuse your requests. Simply look at the lame servers info error unexpected rcode refused resolving end of the previous line : "xxx.xxx.xxx.xxx#53" and search this address
Error Unexpected Rcode Servfail Resolving
in your named configuration file - it should be located inside the forwarders : Shell forwarders { unexpected rcode servfail xxx.xxx.xxx.xxx; }; 1 forwarders { xxx.xxx.xxx.xxx; }; You need to remove or comment this host to get rid of the error in log or allow your host to
Rcode Refused Dns
query this server if it belongs to you! Tip : To make sure the remote DNS server you are trying to query is refusing your request, you can try to DIG a host like this replacing the domain and IP to meet your situation : Shell dig domain.tld @xxx.xxx.xxx.xxx 1 dig domain.tld @xxx.xxx.xxx.xxx Be Sociable, lame server resolving Share! Tweet Category: Servers About Kaven G. System Engineer / Network Administrator View all posts by Kaven G. → Post navigation ← Bind : Transfer of ‘domain.tld' from xx.xx.xx.xx#53 failed receiving responses permission denied Linux : Error running command require /proc could not read procfs → ITechLounge.netLinux : Port forwarding with IPtables Search for: Categories Downloads ITechLounge Mac Multimedia Networking Operating Systems PC Security Servers Storage Virtualization Web Tools.ITechLounge.net |-> BandwidthTest |-> GetMyIP |-> NS Lookup |-> Ping |-> TraceRoute |-> Whois Recent Posts Linux : Port forwarding with IPtables Mac : Unable to negotiate with x.x.x.x port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 Windows : How to enable the Administrator account in Windows Home Edition Linux : How to setup client/server NFS on SuSE Office : How to remove the first three characters of each lines in a Word document? Archives Archives Select Month September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 J
Search HCL Search Reviews Search ISOs Go to Page... LinuxQuestions.org > Forums > Linux Forums > Linux - Server BIND - Unexpected RCODE (SERVFAIL/REFUSED) errors User Name Remember Me? Password Linux - Server This forum is for the discussion
Error (formerr) Resolving
of Linux Software used in a server related context. Notices Welcome to LinuxQuestions.org, a
Category Lame-servers {null;};
friendly and active Linux Community. You are currently viewing LQ as a guest. By joining our community you will have the ability to unexpected rcode (servfail) from master post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today! Note that registered members see fewer ads, http://www.itechlounge.net/2011/12/bind-unexpected-rcode-refused-resolving-xx-xx-xx-xx-in-addr-arpaptrin/ and ContentLink is completely disabled once you log in. Are you new to LinuxQuestions.org? Visit the following links: Site Howto | Site FAQ | Sitemap | Register Now If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here. Having a problem logging in? Please visit this page to clear all LQ-related cookies. Introduction to Linux - A Hands on http://www.linuxquestions.org/questions/linux-server-73/bind-unexpected-rcode-servfail-refused-errors-613942/ Guide This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter. For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own. Click Here to receive this Complete Guide absolutely free. Search this Thread 01-16-2008, 05:58 AM #1 beerfest LQ Newbie Registered: Jan 2008 Posts: 4 Rep: BIND - Unexpected RCODE (SERVFAIL/REFUSED) errors Hi all, My first post here and am looking for a little help. Have done a quick search and couldn't find anything that helped me fix my problem. I'm running a DNS server and it's working fine from what I can tell. I've used dig to test things and I'm also receiving e-mails to postfix on the server. However, I'm getting info from named in /var/log/messages as follows:- Jan 13 23:52:37 gservtwo named[2082]: unexpected RCODE (SERVFAIL) resolving '168.1
] [ subject ] [ author ] There's more: both ns1.netbcp.com and ns2.netbcp.net don't respond to queries about nbc.com and ns1.netbcp.com doesn't respond over TCP. Frank From: bind-users-bounces+frnkblk=iname.com at https://lists.isc.org/pipermail/bind-users/2012-October/088831.html lists.isc.org [mailto:bind-users-bounces+frnkblk=iname.com at lists.isc.org] On Behalf Of Kevin Darcy Sent: Friday, October 12, 2012 12:48 PM Cc: bind-users at lists.isc.org Subject: Re: error (unexpected RCODE REFUSED) resolving OK, so your nbc.com/A resolving error https://www.novell.com/support/kb/doc.php?id=7011258 doesn't really have anything to do with the nameservers you included in your original post. It does appear, however, that ns2.netbcp.net (205.173.93.213) is refusing requests generally for the nbc.com domain: $ dig unexpected rcode nbc.com +buf=4096 +norec @ns2.netbcp.net ; <<>> DiG 9.4.3-P3 <<>> nbc.com +buf=4096 +norec @ns2.netbcp.net ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1019 ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;nbc.com. IN A ;; Query time: 30 msec ;; SERVER: 205.173.93.213#53(205.173.93.213) ;; WHEN: Fri error unexpected rcode Oct 12 13:44:56 2012 ;; MSG SIZE rcvd: 36 ns1.netbcp.com appears to be doing the same thing. Not known whether this is something temporary (performing maintenance?), or something permanent (provider's contract lapsed, but customer never updated delegations). In any case, you have enough working authoritative nameservers for the domain, so it'll continue to resolve for you... - Kevin On 10/12/2012 1:35 PM, James Tingler wrote: I don't think that I am. I only define internal forwarders for internal zones as needed. For my root hint, standard configuration: Named.conf zone "." { type hint; file "named.ca"; Named.ca: ; <<>> DiG 9.5.0b2 <<>> +bufsize=1200 +norec NS . @a.root-servers.net ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34420 ;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 20 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;. IN NS ;; ANSWER SECTION: . 518400 IN NS M.ROOT-SERVERS.NET. . 518400 IN NS A.ROOT-SERVERS.NET. . 518400 IN NS B.ROOT-SERVERS.NET. . 518400 IN NS C.ROOT-SERVERS.NET. . 518400 IN NS D.ROOT-SERVERS.NET. . 518400 IN NS E.ROOT-SERVERS.NET. . 518400 IN NS F.ROOT-SERVERS.NET. . 518400 IN NS G.ROOT-SERVERS.NET. . 51840
Favorite Rating: DNS Server - not resolving external references while able to resolve internal referencesThis document (7011258) is provided subject to the disclaimer at the end of this document. Environment DNS Server Situation The DNS server stops resolving external references but still resolves internal references. Restarting the DNS service may or may not help. Looking at the named.run file, or messages file, you see a lot of error messages like the following: 23-Oct-2012 11:14:09.613 lame-servers: dns/resolver: info: unexpected RCODE (SERVFAIL) resolving '1.1.1.10.in-addr.arpa/PTR/IN': 8.8.8.8#53 or 23-Oct-2012 11:14:10.005 lame-servers: dns/resolver: info: unexpected RCODE (REFUSED) resolving 'something.com/A/IN': 8.8.8.8#53 or 23-Oct-2012 11:22:27.223 client: query: warning: client 10.1.1.5#50067: no more recursive clients: quota reached In the logs this appears to start out as a flood of in-addr.arpa queries for PTR records in in-addr.arpa zones that the local DNS server is not authoritative for. By default recursive queries are enabled on the DNS server so these requests cause the local DNS server to send those PTR requests on to the upstream configured DNS forwarder, or to the Root Servers if no forwarders are defined. Since there is a large flood of these requests, and the local DNS server and the upstream DNS servers are not able to resolve them quickly if at all, eventually the local DNS server and possibly even the upstream DNS server will run out of resources to handle the flood of the bogus recursive queries. The upstream servers may even stop resolving anything for the local DNS server and you will get the lame-servers, SERVFAIL, and REFUSED errors. On the local server you may see the recursive quota reached errors. In any case there will be a lot of all of these errors in the local DNS server logs. Resolution Using LAN trace utilities, identify the devices that are making the bogus in-addr.arpa queries and turn those devices off. After you have done that restart the DNS server. At this point all recursive resources will be available. If it still fails to resolve externally look at the log files again to make sure the previous errors are not longer being written. If they are still being logged take more LAN traces to see if the flood of bogus in-addr.arpa requests have stopped. If not, identify the new devices and stop those. When you have stopped all devices making bogus requests and restarted the DNS server it will no longer be logging the errors and running out of resources and will forward on to the upstream foraders properly.At this point it shou