On Sat, Sep 1, 2018 at 11:25 PM Carl Byington <c...@byington.org> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On Fri, 2018-08-31 at 17:18 -0400, Alex wrote: > > ../../../lib/dns/resolver.c:3927 for support.coxbusiness.com/A in > > After 4 seconds, I get SERVFAIL on that name.
Thank you for your help. Perhaps I picked a bad example? I happened to have a grep running against my current named.debug.log, and as I received your email, what I believe is a much more representative display of the problem occurred. I also have a packet capture below. It's probably mangled posting it here, so I'll also put it on pastebin, but it's a rapid-fire display of a series of failed queries at once. I've cut out much of the info preceding and following to make it more clear here. These all occurred in less than 20ms of each other. (71.161.85.209.ubl.unsubscore.com): query failed (SERVFAIL) (71.161.85.209.dnsbl-2.uceprotect.net): query failed (SERVFAIL) (71.161.85.209.dnsbl.sorbs.net): query failed (SERVFAIL) (71.161.85.209.bad.psky.me): query failed (SERVFAIL) (71.161.85.209.score.senderscore.com): query failed (SERVFAIL) (71.161.85.209.list.dnswl.org): query failed (SERVFAIL) (71.161.85.209.zz.countries.nerd.dk): query failed (SERVFAIL) (71.161.85.209.cidr.bl.mcafee.com): query failed (SERVFAIL) (71.161.85.209.bl.mailspike.net): query failed (SERVFAIL) (71.161.85.209.wl.mailspike.net): query failed (SERVFAIL) (71.161.85.209.db.wpbl.info): query failed (SERVFAIL) (71.161.85.209.sip.helpfulblacklist.xyz): query failed (SERVFAIL) (71.161.85.209.dnsbl-3.uceprotect.net): query failed (SERVFAIL) (71.161.85.209.backscatter.spameatingmonkey.net): query failed (SERVFAIL) (71.161.85.209.hostkarma.junkemailfilter.com): query failed (SERVFAIL) (71.161.85.209.bl.score.senderscore.com): query failed (SERVFAIL) When trying to resolve any of these manually, it just returns NXDOMAIN. See the entirety of the log here: https://pastebin.com/JpHCDdQs Each of the lines above also has a corresponding entry like this: 01-Sep-2018 23:31:06.701 query-errors: debug 2: fetch completed at ../../../lib/dns/resolver.c:3927 for 71.161.85.209.bad.psky.me/A in 10.000078: timed out/success [domain:psky.me,referral:0,restart:4,qrysent:8,timeout:7,lame:0,quota:0,neterr:0,badresp:0,adberr:0,findfail:0,valfail:0] I also isolated a packet with the "server failure" information, but I'm unable to figure out what the data means. Would someone be interested in evaluating it for me? It's a 146-byte pcap file. https://drive.google.com/open?id=1Ui893Lg61psZCR8I_9SJtNqs-Sil_br Thanks for any ideas. Alex _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
