Error Unexpected Rcode Servfail
Contents |
Tags Search LQ Wiki Search Tutorials/Articles Search HCL Search Reviews Search ISOs Go to Page... LinuxQuestions.org > Forums > Linux Forums > Linux - unexpected rcode (servfail) from master Newbie DNS Issue [unexpected rcode (SERVFAIL)] User Name Remember Me? Password Linux
Error (formerr) Resolving
- Newbie This Linux forum is for members that are new to Linux. Just starting out and have rcode refused dns a question? If it is not in the man pages or the how-to's this is the place! Notices Welcome to LinuxQuestions.org, a friendly and active Linux Community. You are
Category Lame-servers {null;};
currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today! Note that registered members see fewer ads, and ContentLink is completely disabled once you log lame server resolving in. Are you new to LinuxQuestions.org? Visit the following links: Site Howto | Site FAQ | Sitemap | Register Now If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here. Having a problem logging in? Please visit this page to clear all LQ-related cookies. Introduction to Linux - A Hands on Guide This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter. For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own. Click Here to
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn
Error (network Unreachable) Resolving
more about Stack Overflow the company Business Learn more about hiring developers or posting
Bind Disable Ipv6
ads with us Server Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question and answer site named allow-query for system and network administrators. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise http://www.linuxquestions.org/questions/linux-newbie-8/dns-issue-%5Bunexpected-rcode-servfail-%5D-785246/ to the top unexpected RCODE REFUSED - eating up log files up vote 1 down vote favorite 1 I have a website which I host myself, and I use bind9 as my DNS server (host my own nameservers etc.). I am having a problem with traffic bandwidth, and my syslog is full of the following type of issue: error (unexpected RCODE REFUSED) resolving 'target-express.com/AAAA/IN': 193.95.142.60#53 error (unexpected RCODE REFUSED) resolving http://serverfault.com/questions/672566/unexpected-rcode-refused-eating-up-log-files 'target-express.com/A/IN': 2001:7c8:3:2::5#53 In today's syslog, there are 144258 instances of this, all related to target-express.com. My questions are: is there anything I can do firewall-wise or bind config to stop this? Why would my bind setup be trying to resolve target-express.com (it's not my domain, nothing to do with me). I have checked my forwarders in named.conf, and none of them match the IPs showing in the logs (they are all basically different IPs, not just 193.95.142.60). My iptables reads: Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere REJECT all -- anywhere loopback/8 reject-with icmp-port-unreachable ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT icmp -- anywhere anywhere icmp echo-request LOG all -- anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptables denied: " REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywher
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn http://serverfault.com/questions/37604/unexpected-rcodeservfail-causing-bind-to-crash more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Server Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question and answer https://www.howtoforge.com/community/threads/dns-master-slave-unexpected-rcode-servfail.28932/ site for system and network administrators. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise unexpected rcode to the top Unexpected RCODE(SERVFAIL) causing bind to crash? up vote 0 down vote favorite Every two days or so, my server stops responding entirely to its services. I can ping it, but I cannot use SSH so I have to go into my host's control panel and reset it. When it comes back up, the last log entry before the crash in /var/log/messages are variations on the following: error unexpected rcode named[3493]: unexpected RCODE (SERVFAIL) resolving '3.39.148.159.in-addr.arpa/PTR/IN': 193.0.0.193#53 Could this be a part of a DoS attack? I have not configured bind on this server and didn't think I'd need to (however naïve that may be). domain-name-system centos bind share|improve this question asked Jul 8 '09 at 11:13 Jonathan Prior 187312 add a comment| 3 Answers 3 active oldest votes up vote 0 down vote accepted Question first off: does it actually need the bind accessible to the outside world? If not, just block ingoing traffic on the DNS ports, and you're all set. But yes, indirectly this is part of an 'attack', as your mail server is probably trying to bounce back "user not found" mails to bogus servers. And do you have spamassassin running on your machine? If you're hit by a spamwave and the perl spamassassin is trying to handle all the mail, it might take down your system on unlucky configurations. share|improve this answer answered Jul 8 '09 at 12:10 towo 1,4451110 I've blocked external traffic to bind. I'll see if that clears up the problem in a couple of days. –Jonathan Prior Jul 8 '09 at 20:25 add a comment| Did you find this question interesting? Try our n
Hello, I'm having some troubles setting up a master/slave configuration for my DNS. Right now I have a Redhat server (dnsnsbrhgate.linux.cs460) and a Windows server (dnsnsbwingate.windows.cs460) and I am trying to set the Windows DNS up as a slave on the Redhat server. My named.conf looks like this (snipped to important part): Code: zone "linux.cs460." IN { type master; file "linux.cs460.zone"; }; zone "10.68.192.in-addr.arpa." IN { type master; file "192.168.10.zone"; }; zone "windows.cs460." IN { type slave; file "windows.cs460.zone"; masters { 192.168.10.120 ; }; }; I have a windows.cs460.zone file where all my other zone files are, however it is empty (I am under the impression that this does not need to be filled in?) The error that I am getting when I try to ping dnsnsbwingate.windows.cs460 is: Code: ping: unknown host dnsnsbwingate.windows.cs460 When I restart named.conf my logs show this: Code: zone windows.cs460/IN: refresh: unexpected rcode (SERVFAIL) from master 192.168.10.120#53 (source 0.0.0.0#0) The results of me digging dnsnsbwingate.windows.cs460 is: Code: ; <<>> DIG 9.3.4-P! <<>> dnsnsbwingate.windows.cs460 ;; global options: printcmd ;; Got answer ;; ->>HEADER<<- opcode: query, status: SERVFAIL, id: 21161 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION ; dnsnsbwingate.windows.cs460. IN A ;; Query time 6 msec ;; SERVER 192.168.10.120#53(192.168.10.120) ;; WHEN Mon Nov 24 12:20:27 2008 ;; MSG SIZE rcvd: 45 Any ideas? nbakewell, Nov 24, 2008 #1 till Super Moderator Staff Member ISPConfig Developer Did you setup the slave zone with ISPConfig? till, Nov 24, 2008 #2 nbakewell New Member Using ISPConfig on Redhat? Or on Windows? No, I don't recall issuing any ISPConfig commands... nbakewell, Nov 24, 2008 #3 till Super Moderator Staff Member ISPConfig Developer You posted this in the forum for the ISPConfig hosting control panel. I will move you post to another forum as you dont semm to use ISPConfig. till, Nov 24, 2008 #4 falko Super Moderator ISPConfig Developer Where's the master for the windows.cs460 zone? falko, Nov 25, 2008 #5 nbakewell New Member The master for windows.cs460 is linux.cs460, on Redhat. nbakewell, Nov 25, 2008 #6 falko Super Moderator ISPConfig Developer But you've configured linux.cs460 as a slave for that zone: Code: zone "windows.cs460." IN { type [B][COLOR="Red"]slave[/COLOR][/B