Solved

BIND DNS Server Logs full of "unexpected RCODE (SERVFAIL)"

Posted on 2010-08-19
Last Modified: 2012-12-28
We don't use this server to host any zones at all.  We just use it as a caching DNS server really.  We don't have any DNS servers to forward requests to either.  So I'm wondering why I get 20,000 error messages a day per server.  I understand my server is trying to look up DNS information across the internet and is not finding the information or is rejected which is causing these errors.

I have an ACL to only allow lookup requests from people inside my network.  So this DNS server cannot be used by people on the outside.   I use webmin to manage the bind server.  

Some examples..

    unexpected RCODE (SERVFAIL) resolving '199.252.32.89.in-addr.arpa/ANY/IN': 194.54.128.226#53: 2 Time(s)
    unexpected RCODE (REFUSED) resolving '101.54.6.207.in-addr.arpa/ANY/IN': 209.53.4.150#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving '91.32.194.173.in-addr.arpa/PTR/IN': 216.239.32.10#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'ns1-cle.bluebridgenetworks.net/AAAA/IN': 76.10.196.5#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving 'ns1.fastserve.net/AAAA/IN': 216.176.200.5#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'sapphire.newgrounds.com/A/IN': 66.28.0.14#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'ns2.westnet.ie/AAAA/IN': 88.81.98.4#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving '22.218.192.99.in-addr.arpa/ANY/IN': 64.59.65.3#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving 'ns2.fastserve.net/A/IN': 216.176.200.5#53: 1 Time(s)


What can I do to fix this?  
0
Question by:wisptech
4 Comments
 

Accepted Solution

by: jeremycrussell earned 500 total points
ID: 33478690
Do you happen to have a firewall in front of the DNS server? I've seen some cases where a F/W will only allow a certain size DNS request and will truncate them.
0
 

Author Comment

by:wisptech
ID: 33479117
Yes, I had just figured it out with the help of someone in IRC.  I had left port 53 open for future use in case I hosted some zones.  That is where all the queries were coming from.  BIND was denying them their query of course.  For now I closed iptables down to only our network and port 53.  Thanks for bringing it up :)
0
 

Author Closing Comment

by:wisptech
ID: 33479141
Firewall issue
0
 

Expert Comment

by:adminjoe
ID: 35221494
I face the same problem; most of the time my clients can't access the internet. They all use the same DNS server. The logs keep increasing the /var/log/messages file size. What is actually happening to my DNS server?
It seems like the server can't resolve certain IP and name addresses. By the way, I can still do nslookup.
0
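
One way to confirm the diagnosis reached in this thread (queries arriving from outside on an open port 53 and being denied by the ACL), as an added example that is not part of the original posts: it tallies BIND's denied-query log messages by client address and separates clients outside the internal network. The internal range 10.0.0.0/8 and the sample log lines are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Assumption: the internal ranges allowed by the resolver's ACL.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Matches BIND's denied-query message, with or without the "@0x..." client
# pointer that newer releases print before the address.
DENIED = re.compile(
    r"client (?:@0x[0-9a-fA-F]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+.*?"
    r"query \(cache\) '(?P<name>[^']*)/(?P<qtype>[A-Z0-9]+)/IN' denied"
)

# Constructed sample lines (documentation address ranges), not from the page.
SAMPLE_LOG = """\
Aug 19 10:00:01 ns1 named[2211]: client 203.0.113.7#53211: query (cache) 'example.com/ANY/IN' denied
Aug 19 10:00:01 ns1 named[2211]: client 203.0.113.7#40112: query (cache) 'example.com/ANY/IN' denied
Aug 19 10:00:02 ns1 named[2211]: client 198.51.100.23#1042: query (cache) 'example.net/A/IN' denied
Aug 19 10:00:03 ns1 named[2211]: client 10.1.2.3#33000: query (cache) 'example.org/A/IN' denied
Aug 19 10:00:04 ns1 named[2211]: client @0x7f3a1c0 203.0.113.7#6001 (example.com): query (cache) 'example.com/ANY/IN' denied
Aug 19 10:00:05 ns1 named[2211]: unexpected RCODE (SERVFAIL) resolving 'example.com/A/IN': 192.0.2.53#53
"""

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def summarize_denied(log_text):
    """Count denied queries per client (external vs internal) and per query type."""
    external, internal, qtypes = Counter(), Counter(), Counter()
    for line in log_text.splitlines():
        m = DENIED.search(line)
        if not m:
            continue  # other named messages are ignored
        bucket = internal if is_internal(m["ip"]) else external
        bucket[m["ip"]] += 1
        qtypes[m["qtype"]] += 1
    return {"external": external, "internal": internal, "qtypes": qtypes}

if __name__ == "__main__":
    result = summarize_denied(SAMPLE_LOG)
    for ip, n in result["external"].most_common():
        print(f"external {ip}: {n} denied")
    print("internal clients denied:", dict(result["internal"]))
    print("query types:", dict(result["qtypes"]))
```

A large external count means port 53 is reachable from outside, as the author found; any internal client in the denied list points at an ACL that does not cover the whole internal network.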
