BIND DNS Server Logs full of "unexpected RCODE (SERVFAIL)"

We don't use this serve to host any zones at all.  We just use it as a caching DNS server really.  We don't have any DNS servers to forward requests to either.  So I'm wondering why I get 20,000 error messages a day per server.  I understand my server is trying to look up DNS information across the internet and is not finding the information or is rejected which is causing these errors.

I have an ACL to only allow lookup requests from people inside my network.  So this DNS server cannot be used by people on the outside.   I use webmin to manage the bind server.  

Some examples..

unexpected RCODE (SERVFAIL) resolving '199.252.32.89.in-addr.arpa/ANY/IN': 194.54.128.226#53: 2 Time(s)
    unexpected RCODE (REFUSED) resolving '101.54.6.207.in-addr.arpa/ANY/IN': 209.53.4.150#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving '91.32.194.173.in-addr.arpa/PTR/IN': 216.239.32.10#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'ns1-cle.bluebridgenetworks.net/AAAA/IN': 76.10.196.5#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving 'ns1.fastserve.net/AAAA/IN': 216.176.200.5#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'sapphire.newgrounds.com/A/IN': 66.28.0.14#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'ns2.westnet.ie/AAAA/IN': 88.81.98.4#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving '22.218.192.99.in-addr.arpa/ANY/IN': 64.59.65.3#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving 'ns2.fastserve.net/A/IN': 216.176.200.5#53: 1 Time(s)


What can I do to fix this?  
wisptechAsked:
Who is Participating?
 
jeremycrussellCommented:
Do you happen to have a firewall in front of the DNS server, I've seen some cases where a F/W will only allow a certain size DNS request and will truncate them.
0
 
wisptechAuthor Commented:
Yes I had just figured it out with the help of someone in IRC.  I had left port 53 open for future use in case I hosted some zones.  That is where all the queries were coming from.  BIND was denying them their query of course.  For now I closed iptables down to only our network and port 53.  Thanks for bringing it  up :)
0
 
wisptechAuthor Commented:
Firewall issue
0
 
adminjoeCommented:
i face the same problem, most of the time my clients can't access internet . They all use the same dns server. The logs keep increasing the /var/log/messages file size. What happen actually to my dns server.
seems like the server cant resolv certain ip and name address. Btw i still can do nslookup.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.