Solved

BIND DNS Server Logs full of "unexpected RCODE (SERVFAIL)"

Posted on 2010-08-19
4
3,900 Views
Last Modified: 2012-12-28
We don't use this serve to host any zones at all.  We just use it as a caching DNS server really.  We don't have any DNS servers to forward requests to either.  So I'm wondering why I get 20,000 error messages a day per server.  I understand my server is trying to look up DNS information across the internet and is not finding the information or is rejected which is causing these errors.

I have an ACL to only allow lookup requests from people inside my network.  So this DNS server cannot be used by people on the outside.   I use webmin to manage the bind server.  

Some examples..

unexpected RCODE (SERVFAIL) resolving '199.252.32.89.in-addr.arpa/ANY/IN': 194.54.128.226#53: 2 Time(s)
    unexpected RCODE (REFUSED) resolving '101.54.6.207.in-addr.arpa/ANY/IN': 209.53.4.150#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving '91.32.194.173.in-addr.arpa/PTR/IN': 216.239.32.10#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'ns1-cle.bluebridgenetworks.net/AAAA/IN': 76.10.196.5#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving 'ns1.fastserve.net/AAAA/IN': 216.176.200.5#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'sapphire.newgrounds.com/A/IN': 66.28.0.14#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'ns2.westnet.ie/AAAA/IN': 88.81.98.4#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving '22.218.192.99.in-addr.arpa/ANY/IN': 64.59.65.3#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving 'ns2.fastserve.net/A/IN': 216.176.200.5#53: 1 Time(s)


What can I do to fix this?  
0
Comment
Question by:wisptech
  • 2
4 Comments
 
LVL 9

Accepted Solution

by:
jeremycrussell earned 500 total points
ID: 33478690
Do you happen to have a firewall in front of the DNS server, I've seen some cases where a F/W will only allow a certain size DNS request and will truncate them.
0
 

Author Comment

by:wisptech
ID: 33479117
Yes I had just figured it out with the help of someone in IRC.  I had left port 53 open for future use in case I hosted some zones.  That is where all the queries were coming from.  BIND was denying them their query of course.  For now I closed iptables down to only our network and port 53.  Thanks for bringing it  up :)
0
 

Author Closing Comment

by:wisptech
ID: 33479141
Firewall issue
0
 

Expert Comment

by:adminjoe
ID: 35221494
i face the same problem, most of the time my clients can't access internet . They all use the same dns server. The logs keep increasing the /var/log/messages file size. What happen actually to my dns server.
seems like the server cant resolv certain ip and name address. Btw i still can do nslookup.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SUDO/sudoers versus a SSH trusted host? 3 67
Migrate from W2K8R2 to W2012R2 10 36
Search for string in AD database 7 70
Azure FTP connection 5 86
Problem: Windows 32bit running out of paging space. Solution: Add additional page files on separate partitions. Background: By default Windows creates only one page file on the partition you install Windows on. You may know that the maximu…
Have you ever stumbled upon a software that is so great that you just love? It happened to me. Love at first sight. Filezilla Server.   Ok its not the most advanced ftp server I've came across. But its a fairly simple piece of software to get the …
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now