FORMERR-Format error issue

Wed, 31 Jan 2024 21:28:03 -0800 

Hello,
-I have been troubleshooting a format error in BIND 9 for about a week at this point. 

-The symptoms:

-I am unable to resolve members.nmar.com.


-The nslookup output from a client to OUR private recursive DNS server 
is as follows:



members.nmar.com

Server:  [100.101.0.10]
Address:  100.101.0.10

*** [100.101.0.10] can't find members.nmar.com: Server failed

-Our DNS server log output follows:


Jan 26 13:48:00 dns1 named[1609]: FORMERR resolving 
'members.nmar.com/A/IN': 216.40.47.26#53
Jan 26 13:48:00 dns1 named[1609]: FORMERR resolving 
'members.nmar.com/A/IN': 64.98.148.13#53


-It works with Cloudfare and Goole however:


server 8.8.8.8

Default Server:  dns.google
Address:  8.8.8.8


members.nmar.com

Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    public.west.us.memberzone.org
Address:  172.170.249.2
Aliases:  members.nmar.com


-If I dig this from one of our other server it fails as well unless I 
add the +norec option which DOES work.



-If I perform an nslookup to their authoritative DNS servers I get a 
referral to the root name server list:


Server:  ns1.hover.com
Address:  216.40.47.26

Name:    nmar.com
Address:  20.25.91.29


members.nmar.com

Server:  ns1.hover.com
Address:  216.40.47.26

Non-authoritative answer:
Non-authoritative answer:
Name:    members.nmar.com
Served by:
- a.root-servers.net


- b.root-servers.net


- c.root-servers.net


- d.root-servers.net


- e.root-servers.net


- f.root-servers.net


- g.root-servers.net


- h.root-servers.net


- i.root-servers.net


- j.root-servers.net


-I am not sure if this is an issue with us or them or I need to adjust 
my configuration somehow to accommodate a problem on their server.  I am 
not sure why other DNS is working but ours is failing.


-This is tested with our server firewall disabled.


-I have disabled firewall rules within our network to confirm NO 
firewall issues are causing this.



-I have checked the DNS with our upstream and they are resolving this 
url correctly; therefore I don't suspect firewall issues within their 
network.


-We are not using IPV6 at all at this time.


-This is occurring with both of our redundant DNS servers and I fired up 
a test server with Bind 9.16 and it is giving me the same result.


-Any thoughts or suggestions would be very helpful and much appreciated!

Regards,


Scott
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users






















					Reply via email to