Solved

BIND DNS Server Logs full of "unexpected RCODE (SERVFAIL)"

Posted on 2010-08-19
4
4,011 Views
Last Modified: 2012-12-28
We don't use this serve to host any zones at all.  We just use it as a caching DNS server really.  We don't have any DNS servers to forward requests to either.  So I'm wondering why I get 20,000 error messages a day per server.  I understand my server is trying to look up DNS information across the internet and is not finding the information or is rejected which is causing these errors.

I have an ACL to only allow lookup requests from people inside my network.  So this DNS server cannot be used by people on the outside.   I use webmin to manage the bind server.  

Some examples..

unexpected RCODE (SERVFAIL) resolving '199.252.32.89.in-addr.arpa/ANY/IN': 194.54.128.226#53: 2 Time(s)
    unexpected RCODE (REFUSED) resolving '101.54.6.207.in-addr.arpa/ANY/IN': 209.53.4.150#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving '91.32.194.173.in-addr.arpa/PTR/IN': 216.239.32.10#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'ns1-cle.bluebridgenetworks.net/AAAA/IN': 76.10.196.5#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving 'ns1.fastserve.net/AAAA/IN': 216.176.200.5#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'sapphire.newgrounds.com/A/IN': 66.28.0.14#53: 1 Time(s)
    unexpected RCODE (SERVFAIL) resolving 'ns2.westnet.ie/AAAA/IN': 88.81.98.4#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving '22.218.192.99.in-addr.arpa/ANY/IN': 64.59.65.3#53: 1 Time(s)
    unexpected RCODE (REFUSED) resolving 'ns2.fastserve.net/A/IN': 216.176.200.5#53: 1 Time(s)


What can I do to fix this?  
0
Comment
Question by:wisptech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 9

Accepted Solution

by:
jeremycrussell earned 500 total points
ID: 33478690
Do you happen to have a firewall in front of the DNS server, I've seen some cases where a F/W will only allow a certain size DNS request and will truncate them.
0
 

Author Comment

by:wisptech
ID: 33479117
Yes I had just figured it out with the help of someone in IRC.  I had left port 53 open for future use in case I hosted some zones.  That is where all the queries were coming from.  BIND was denying them their query of course.  For now I closed iptables down to only our network and port 53.  Thanks for bringing it  up :)
0
 

Author Closing Comment

by:wisptech
ID: 33479141
Firewall issue
0
 

Expert Comment

by:adminjoe
ID: 35221494
i face the same problem, most of the time my clients can't access internet . They all use the same dns server. The logs keep increasing the /var/log/messages file size. What happen actually to my dns server.
seems like the server cant resolv certain ip and name address. Btw i still can do nslookup.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Beyond Compare Software changed the date stamp and owner of copied files 3 95
FileZilla port forwarding 22 256
Ping / Map Network Drive Issues 7 94
Exchange 2013 event logs 1 78
Samba is the de-facto standard program (or, more correctly: suite of programs) that UNIX and Linux systems use to share files with Microsoft Windows (and more recently, Mac OS-X) systems. Currently, there are 2 common versions of Samba available,…
Have you ever stumbled upon a software that is so great that you just love? It happened to me. Love at first sight. Filezilla Server.   Ok its not the most advanced ftp server I've came across. But its a fairly simple piece of software to get the …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question