> On 3 Jun 2023, at 07:04, Alex <mysqlstud...@gmail.com> wrote: > > Hi, > I'm using bind-9.18.15 on fedora37 and I'm trying to understand and > troubleshoot some errors I'm receiving in the debug logs: > > 31-May-2023 16:58:11.399 query-errors: info: client @0x7f8d18203b68 > 127.0.0.1#56268 (bounce.bwnews.bestwestern.com): query failed (SERVFAIL) for > bounce.bwnews.bestwestern.com/IN/NS at ../../../lib/ns/query.c:7060
Looks like BestWestern can’t properly manage their DNS delegations. At least you can call BestWestern and tell them that they have a problem. The end of “dig +trace bwnews.bestwestern.com NS”. Notice that the SOA record returned does not match the name of the zone delegated to the server. It should be a SOA record for "bwnews.bestwestern.com”, not “bestwestern.com”. bestwestern.com. 172800 IN NS a28-67.akam.net. bestwestern.com. 172800 IN NS a1-193.akam.net. bestwestern.com. 172800 IN NS a11-64.akam.net. bestwestern.com. 172800 IN NS a18-65.akam.net. bestwestern.com. 172800 IN NS a5-64.akam.net. bestwestern.com. 172800 IN NS a2-66.akam.net. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q2D6NI4I7EQH8NA30NS61O48UL8G5 NS SOA RRSIG DNSKEY NSEC3PARAM CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20230607042542 20230531031542 46551 com. Ey3iLrAN1zryAogTCDsJsS4SZtSZOvlnU8TBWboJo/rK/HAIo3TkN7b4 BOCVXNfQD+kFYeMk7iaEN4KGip+4+xQazhlHot/NR2LVldJR7WJkgaWM QWfzZnUqDmGtCX0hGzb6GwMqgm2i1H6gUHUQnhMmdmw359X9zZ1DYTq7 uYjN21iCdRfwZeRrf/nXIfKhYtiDXnK3EmLfkzq7cpOZUg== MR8E2U446ASB27NERO9ET0O2C6JN94LI.com. 86400 IN NSEC3 1 1 0 - MR8ECIIIQGKD1UP7OMINE4KFD6DCJ97D NS DS RRSIG MR8E2U446ASB27NERO9ET0O2C6JN94LI.com. 86400 IN RRSIG NSEC3 8 2 86400 20230608054334 20230601043334 46551 com. ZzSE4DLIOJx+li2tTwlK6/P+sWKeotdlXM94kypI3FfJBCkY2yYyAFHO aUPdtwtoTvaqjrNuOCJT+44fnVmTzFIXIpPj8SS5fNLlKNRWAGQSLgQI x3W30Dg8k+n23mvQm9DN9iqb/6KOEYqzKCHmXfU9OU+aGZmNJ2kCzfAX 7BM5JgXnXnoRKLh/hpWAUVPBRvWSvkPcTbzxnp4ZxPnDiA== ;; Received 739 bytes from 192.41.162.30#53(l.gtld-servers.net) in 135 ms bwnews.bestwestern.com. 3600 IN NS ns2.acoustic-adm.com. bwnews.bestwestern.com. 3600 IN NS ns3.acoustic-adm.com. bwnews.bestwestern.com. 3600 IN NS ns4.acoustic-adm.com. bwnews.bestwestern.com. 3600 IN NS ns1.acoustic-adm.com. ;; Received 143 bytes from 95.100.168.64#53(a5-64.akam.net) in 507 ms bestwestern.com. 900 IN SOA ns1.acoustic-adm.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;; Received 136 bytes from 2600:9000:5305:1100::1#53(ns1.acoustic-adm.com) in 268 ms > 31-May-2023 16:58:11.536 query-errors: info: client @0x7f8d00a1d568 > 127.0.0.1#38026 (email.bestwesternrewards.com): query failed (SERVFAIL) for > email.bestwesternrewards.com/IN/NS at ../../../lib/ns/query.c:7060 > 31-May-2023 17:12:22.905 query-errors: client @0x7f53d920e368 > 68.195.111.45#54508 (_dmarc.email.bestwesternrewards.com): query failed > (SERVFAIL) for _dmarc.email.bestwesternrewards.com/IN/TXT at > ../../../lib/ns/query.c:7060 The end of “dig _dmarc.email.bestwesternrewards.com +trace +all TXT” email.bestwesternrewards.com is not properly delegated. The delegated server is echoing back the AD bit. ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1058 ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ; COOKIE: 6985c5f106c0dc4ed5994526647a7fb5e764ecd9d5b481ee (good) ;; QUESTION SECTION: ;_dmarc.email.bestwesternrewards.com. IN TXT ;; AUTHORITY SECTION: email.bestwesternrewards.com. 3600 IN NS ns1.acoustic-adm.com. email.bestwesternrewards.com. 3600 IN NS ns4.acoustic-adm.com. email.bestwesternrewards.com. 3600 IN NS ns2.acoustic-adm.com. email.bestwesternrewards.com. 3600 IN NS ns3.acoustic-adm.com. ;; Query time: 259 msec ;; SERVER: 206.201.174.21#53(ns01.bestwestern.com) (UDP) ;; WHEN: Sat Jun 03 09:48:05 AEST 2023 ;; MSG SIZE rcvd: 177 ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45439 ;; flags: qr aa ad; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION: ;_dmarc.email.bestwesternrewards.com. IN TXT ;; ANSWER SECTION: _dmarc.email.bestwesternrewards.com. 300 IN TXT "v=DMARC1; p=none; rua=mailto:0c75d3ee540c...@rep.dmarcanalyzer.com; ruf=mailto:0c75d3ee540c...@for.dmarcanalyzer.com; fo=1;" ;; AUTHORITY SECTION: bestwesternrewards.com. 172800 IN NS ns1.acoustic-adm.com. bestwesternrewards.com. 172800 IN NS ns2.acoustic-adm.com. bestwesternrewards.com. 172800 IN NS ns3.acoustic-adm.com. bestwesternrewards.com. 172800 IN NS ns4.acoustic-adm.com. ;; ADDITIONAL SECTION: ns1.acoustic-adm.com. 60 IN A 205.251.197.17 ns1.acoustic-adm.com. 60 IN AAAA 2600:9000:5305:1100::1 ns2.acoustic-adm.com. 60 IN A 205.251.198.78 ns2.acoustic-adm.com. 60 IN AAAA 2600:9000:5306:4e00::1 ns3.acoustic-adm.com. 60 IN A 205.251.194.123 ns3.acoustic-adm.com. 60 IN AAAA 2600:9000:5302:7b00::1 ns4.acoustic-adm.com. 60 IN A 205.251.192.237 ns4.acoustic-adm.com. 60 IN AAAA 2600:9000:5300:ed00::1 ;; Query time: 246 msec ;; SERVER: 2600:9000:5306:4e00::1#53(ns2.acoustic-adm.com) (UDP) ;; WHEN: Sat Jun 03 09:48:05 AEST 2023 ;; MSG SIZE rcvd: 461 > 31-May-2023 17:12:22.921 query-errors: client @0x7f53d91aeb68 > 68.195.111.45#54508 (mail8140.bwnews.bestwestern.com): query failed > (SERVFAIL) for mail8140.bwnews.bestwestern.com/IN/TXT at > ../../../lib/ns/query.c:7060 > 31-May-2023 17:12:22.928 query-errors: client @0x7f53da5deb68 > 68.195.111.45#53653 (bounce.bwnews.bestwestern.com): query failed (SERVFAIL) > for bounce.bwnews.bestwestern.com/IN/TXT at ../../../lib/ns/query.c:7060 > > Is Best Western actually having such DNS problems? Even just a simple "host" > command shows something is wrong: > > $ host mail8140.bwnews.bestwestern.com > mail8140.bwnews.bestwestern.com has address 129.41.76.129 > Host mail8140.bwnews.bestwestern.com not found: 2(SERVFAIL) > mail8140.bwnews.bestwestern.com mail is handled by 5 > mail8140.bwnews.bestwestern.com. Yes. They need to get someone that can configure a server with the correct name for the zone being delegated to it. This is simply a matter of putting the correct name into the configuration. If you are delegating “bwnews.bestwestern.com” then you add a zone called “bwnews.bestwestern.com”. Simple. > On another server, I'm receiving a bit more information: > 31-May-2023 17:13:28.845 lame-servers: FORMERR resolving > 'mail8140.bwnews.bestwestern.com/AAAA/IN': 205.251.194.123#53 > 31-May-2023 17:13:28.845 query-errors: client @0x7f655c820168 127.0.0.1#50563 > (mail8140.bwnews.bestwestern.com): query failed (failure) for > mail8140.bwnews.bestwestern.com/IN/AAAA at ../../../lib/ns/query.c:7779 > > What is the impact of these messages? > > I'm also receiving many timeout problems. > > 31-May-2023 17:00:51.990 query-errors: info: client @0x7f8d00a1b968 > 127.0.0.1#56239 (_dmarc.zoominfo.com): query failed (timed out) for > _dmarc.zoominfo.com/IN/TXT at ../../../lib/ns/query.c:7779 > 31-May-2023 17:00:52.172 query-errors: info: client @0x7f8d00de5168 > 127.0.0.1#30280 (travel-assets.com.fresh30.spameatingmonkey.net): query > failed (timed out) for travel-assets.com.fresh30.spameatingmonkey.net/IN/A at > ../../../lib/ns/query.c:7779 > 31-May-2023 17:03:52.542 query-errors: client @0x7f53da961d68 > 68.195.111.45#50747 (31.57.89.167.bb.barracudacentral.org): query failed > (timed out) for 31.57.89.167.bb.barracudacentral.org/IN/A at > ../../../lib/ns/query.c:7779 > > I think the last two occur on multiple servers, leading me to believe they > actually have a problem? Barracuda requires that you register your IP with > them, and I've done that, but other queries with them work just fine, even > from servers that aren't registered. > > Could this be a bind tuning problem? Neither server where I ran these tests > are having resource issues that I know of. > > Any ideas on how to troubleshoot these to confirm it's not a problem with my > own server would be greatly appreciated. > > Thanks, > Alex > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from > this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users