Re: resolver: DNS format error from

[Petr Menšík]

Fedora 37 has more recent version in updates. I would recommend when in 
doubt trying to update your system, it might have been fixed already. 
But this problem is not on your side.

You can try with dig some queries to their server:
$ dig @195.178.56.17 +norec ns1.apr.gov.rs +nocookie | grep status:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2078

$ dig @195.178.56.17 +norec ns1.apr.gov.rs +noedns | grep status:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13954

$ dig @195.178.56.17 +norec ns1.apr.gov.rs | grep status:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 44465

It is obvious their server cannot cope with cookies, which should be 
fixed on their side. It would be nice to send them kind mail requesting 
fix of their server.

server 195.178.56.17 { send-cookie no; };
server 91.150.72.154 { send-cookie no; };

Should help until they do, but it is just a workaround. The are 
violating RFC 6891, paragraph 6.1.2 [1]:

 Any OPTION-CODE values not understood by a responder or requestor
   MUST be ignored.

Cheers,
Petr

[1] https://www.rfc-editor.org/rfc/rfc6891#section-6.1.2

On 16. 05. 23 16:52, Alex wrote:

Hi,
I have a bind-9.18.7 system on fedora37 and having some strange errors 
with some queries.

$ host info.apr.gov.rs <http://info.apr.gov.rs>
Host info.apr.gov.rs <http://info.apr.gov.rs> not found: 2(SERVFAIL)

in my bind logs I have the following:
16-May-2023 10:37:49.800 resolver: DNS format error from 
195.178.56.17#53 resolving ns1.apr.gov.rs/AAAA 
<http://ns1.apr.gov.rs/AAAA> for <unknown>: server sent FORMERR
16-May-2023 10:37:49.800 lame-servers: received FORMERR resolving 
'ns1.apr.gov.rs/AAAA/IN <http://ns1.apr.gov.rs/AAAA/IN>': 195.178.56.17#53
16-May-2023 10:37:49.800 lame-servers: timed out resolving 
'info.apr.gov.rs/A/IN <http://info.apr.gov.rs/A/IN>': 212.62.49.194#53
16-May-2023 10:37:49.800 query-errors: client @0x7f9d546d5168 
127.0.0.1#59712 (info.apr.gov.rs <http://info.apr.gov.rs>): query 
failed (failure) for info.apr.gov.rs/IN/A 
<http://info.apr.gov.rs/IN/A> at ../../../lib/ns/query.c:7717

In the limited search results I've found for this, I believe it has 
something to do with dnssec or EDNS, but I really don't know how to 
troubleshoot this. Is this a known problem?

It also appears to be happening with even hosts like ticketmaster?
16-May-2023 10:21:09.348 lame-servers: FORMERR resolving 
'engage.ticketmaster.com/NS/IN 
<http://engage.ticketmaster.com/NS/IN>': 205.251.194.123#53
This resolves fine to me now, does not need disabling cookies or ends.

The host resolves fine on my bind-9.16.38 system using the exact same 
configuration, as well as most or all public resolvers.

--
Petr Menšík
Software Engineer, RHEL
Red Hat,http://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users