McAfee responded within minutes, and they are on the case. Thanks for the
hint!
Bert
On Wed, Dec 08, 2010 at 09:05:24AM -0500, Curtis Maurand wrote:
You might try posting a message to the nanog list.
--Curtis
On 12/8/2010 7:43 AM, bert hubert wrote:
Dear PowerDNS Recursor users,
If you have McAfee users among your client base, you may currently be seeing
errors like these in your log file:
pdns_recursor[4024]: DNS parser error:
0.xx-x.xx.1xxx...xxx.x.xx.avqs.mcafee.com.,
Parsing record content: expected digits at position 9 in
'\# 45
093a800258'
These errors are harmless to your general Recursor operations, but the
McAfee program generating these queries will be reporting timeouts to your
end-users.
The root cause of this error is a protocol violation by the McAfee
nameserver software. We are attempting to contact McAfee so that they can
become aware of this error. In short, they are emitting answers in 'CLASS0'
instead of in 'CLASS IN'.
This causes PowerDNS to log the scary errors reported above. Additionally,
it crashes many versions of 'dig'.
We are attempting to contact McAfee. If you know anyone in a DNS position
there, please let me know. In the meantime, if you want to get rid of this
error and you can recompile your PowerDNS Recursor, you can use:
Index: dnsparser.cc
===
--- dnsparser.cc(revision 1745)
+++ dnsparser.cc(working copy)
@@ -246,6 +246,8 @@
dr.d_ttl=ah.d_ttl;
dr.d_type=ah.d_type;
dr.d_class=ah.d_class;
+ if(dr.d_class == 0)
+dr.d_class = 1;
dr.d_label=label;
dr.d_clen=ah.d_clen;
Kind regards,
Bert Hubert
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users
