LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 01-16-2008, 05:58 AM   #1
beerfest
LQ Newbie
 
Registered: Jan 2008
Posts: 4

Rep: Reputation: 0
BIND - Unexpected RCODE (SERVFAIL/REFUSED) errors


Hi all,
My first post here and am looking for a little help. Have done a quick search and couldn't find anything that helped me fix my problem.

I'm running a DNS server and it's working fine from what I can tell. I've used dig to test things and I'm also receiving e-mails to postfix on the server.

However, I'm getting info from named in /var/log/messages as follows:-

Jan 13 23:52:37 gservtwo named[2082]: unexpected RCODE (SERVFAIL) resolving '168.153.103.202.in-addr.arpa/PTR/IN': 202.96.128.68#53
Jan 13 23:53:15 gservtwo named[2082]: unexpected RCODE (REFUSED) resolving '183.140.87.218.in-addr.arpa/PTR/IN': 202.101.226.68#53
Jan 13 23:53:16 gservtwo named[2082]: unexpected RCODE (SERVFAIL) resolving '170.162.171.125.in-addr.arpa/PTR/IN': 211.156.177.66#53
Jan 13 23:53:22 gservtwo named[2082]: unexpected RCODE (REFUSED) resolving 'mail.ifet.gr/A/IN': 195.170.2.1#53
Jan 13 23:53:22 gservtwo named[2082]: unexpected RCODE (REFUSED) resolving 'mail.ifet.gr/AAAA/IN': 195.170.2.1#53
Jan 13 23:53:22 gservtwo named[2082]: unexpected RCODE (REFUSED) resolving 'mail.ifet.gr/A/IN': 195.170.0.2#53
Jan 13 23:53:22 gservtwo named[2082]: unexpected RCODE (REFUSED) resolving 'mail.ifet.gr/AAAA/IN': 195.170.0.2#53
Jan 13 23:53:47 gservtwo named[2082]: unexpected RCODE (REFUSED) resolving '11.88.61.59.in-addr.arpa/PTR/IN': 202.101.103.55#53
Jan 13 23:53:50 gservtwo named[2082]: unexpected RCODE (REFUSED) resolving '10.88.61.59.in-addr.arpa/PTR/IN': 202.101.103.55#53

Cont...
Jan 16 07:27:51 gservtwo named[2082]: unexpected RCODE (SERVFAIL) resolving 'ns.hbwhptt.net.cn/AAAA/IN': 202.96.0.133#53
Jan 16 08:32:03 gservtwo named[2082]: unexpected RCODE (REFUSED) resolving '194.71.224.195.blackholes.wirehub.net/A/IN': 195.86.49.227#53
Jan 16 09:00:21 gservtwo named[2082]: unexpected RCODE (REFUSED) resolving '85.240.219.212.blackholes.wirehub.net/A/IN': 195.86.49.227#53
Jan 16 09:05:52 gservtwo named[2082]: unexpected RCODE (SERVFAIL) resolving 'mail2.wearvalley.gov.uk/A/IN': 194.117.157.4#53
Jan 16 09:06:02 gservtwo named[2082]: unexpected RCODE (SERVFAIL) resolving 'wearvalley.gov.uk/A/IN': 194.117.157.4#53
Jan 16 09:06:02 gservtwo named[2082]: unexpected RCODE (SERVFAIL) resolving 'wearvalley.gov.uk/MX/IN': 194.117.157.4#53
Jan 16 09:06:02 gservtwo named[2082]: unexpected RCODE (SERVFAIL) resolving 'ORION.wearvalley.gov.uk/TXT/IN': 194.117.157.4#53
Jan 16 09:06:02 gservtwo named[2082]: unexpected RCODE (SERVFAIL) resolving 'wearvalley.gov.uk/TXT/IN': 194.117.157.4#53
Jan 16 09:45:58 gservtwo named[4948]: unexpected RCODE (SERVFAIL) resolving '250.168.77.125.in-addr.arpa/PTR/IN': 202.101.98.54#53
Jan 16 09:46:10 gservtwo named[4948]: unexpected RCODE (REFUSED) resolving '250.168.77.125.in-addr.arpa/PTR/IN': 202.101.103.55#53
Jan 16 09:46:12 gservtwo named[4948]: unexpected RCODE (REFUSED) resolving 'dns.xm.fj.cn/A/IN': 202.101.103.55#53
Jan 16 10:15:16 gservtwo named[4948]: unexpected RCODE (REFUSED) resolving '67.32.94.80.blackholes.wirehub.net/A/IN': 195.86.49.227#53


Can anyone tell me why I'm getting these messages even though the DNS server appears to be functioning normally?
 
Old 01-17-2008, 08:31 PM   #2
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
I see the SERVFAIL message if according to named.conf I have a zone, but don't actually have a file for the zone. Like if I put abcd.com in named.conf, but then don't have an abcd.com zone where the zones should be. I'll start to see that SERVFAIL message in /var/log/named/bind.log on my machines, and it seems to be placed in /var/log/messages on yours.

How you'd be getting that on PTR lookups is odd though. Could you maybe post the full named.conf and list any authoritative zones that you have?

Peace,
JimBass
 
Old 01-18-2008, 10:03 AM   #3
mahmoud
Member
 
Registered: Apr 2006
Location: UK
Distribution: Mandriva, Debain, Redhat, Fedora, Ubuntu, FreeBSD
Posts: 269

Rep: Reputation: 30
Hi my guess id you have not pointed to the right directory where your files are
or use
chkconfig --add named
check were your zone file are
also is your bind built in a jail i.e chroot
 
Old 01-21-2008, 05:43 AM   #4
beerfest
LQ Newbie
 
Registered: Jan 2008
Posts: 4

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by JimBass View Post
I see the SERVFAIL message if according to named.conf I have a zone, but don't actually have a file for the zone. Like if I put abcd.com in named.conf, but then don't have an abcd.com zone where the zones should be. I'll start to see that SERVFAIL message in /var/log/named/bind.log on my machines, and it seems to be placed in /var/log/messages on yours.

How you'd be getting that on PTR lookups is odd though. Could you maybe post the full named.conf and list any authoritative zones that you have?

Peace,
JimBass
Hi,
I've checked named.conf and I have got my zone files in the correct place. I'll try and post my named.conf file later today.

Note that all the IP's in the log in the original post are not mine, they are mostly from e-mails going through my server. I suspect that Postfix and blacklisted IP's via spamhaus.org have something to do with the errors.

Cheers.
 
Old 05-02-2008, 01:26 PM   #5
faheyd
Member
 
Registered: Jun 2003
Location: Northern California (NorCal)
Distribution: Ubuntu 7.04 and DSL/Puppy etc
Posts: 342

Rep: Reputation: 30
Quote:
Originally Posted by beerfest View Post
Hi,
I've checked named.conf and I have got my zone files in the correct place. I'll try and post my named.conf file later today.

Note that all the IP's in the log in the original post are not mine, they are mostly from e-mails going through my server. I suspect that Postfix and blacklisted IP's via spamhaus.org have something to do with the errors.

Cheers.
NEVER TO BE HEARD FROM AGAIN.

Gotta love the internet.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Bind 9 rndc connection refused. 360 Linux - Networking 2 10-15-2010 02:47 PM
DNS Log Errors: unexpected RCODE (REFUSED) mr.wobble Linux - Software 1 02-11-2006 10:17 PM
Dynamic DHCP/BIND Connection refused problem aglock Linux - Networking 4 04-28-2004 07:43 AM
failed while receiving responses: REFUSED on SLAVE with BIND 9.2.2 cccc Linux - Networking 9 10-07-2003 08:00 AM
vsftpd Connection Refused Errors SForsgren Linux - General 2 04-26-2003 11:46 PM


All times are GMT -5. The time now is 12:55 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration