reducing the advertised EDNS UDP packet size to 512 octets

waqasce · 06-13-2009, 10:37 PM

I have Received the Following Error .Could any one tell me why it occurs and what is the Solutiom to this Error

un 14 04:27:32 Userver named[10238]: too many timeouts resolving 'enjoy.ch/MX' (in 'enjoy.CH'?): reducing the advertised EDNS UDP p
acket size to 512 octets
Jun 14 04:27:33 Userver named[10238]: too many timeouts resolving 'dns1.maxonline.com.sg/AAAA' (in 'maxonline.com.sg'?): reducing th
e advertised EDNS UDP packet size to 512 octets
Jun 14 04:27:33 Userver named[10238]: too many timeouts resolving 'dns5.maxonline.com.sg/AAAA' (in 'maxonline.com.sg'?): reducing th
e advertised EDNS UDP packet size to 512 octets
Jun 14 04:27:33 Userver named[10238]: too many timeouts resolving 'dns2.maxonline.com.sg/AAAA' (in 'maxonline.com.sg'?): reducing th
e advertised EDNS UDP packet size to 512 octets
Jun 14 04:27:33 Userver named[10238]: network unreachable resolving 'cosgen.com/MX/IN': 2001:503:a83e::2:30#53
Jun 14 04:27:33 Userver named[10238]: network unreachable resolving 'sinahappy.com/MX/IN': 2001:503:a83e::2:30#53
Jun 14 04:27:33 Userver named[10238]: network unreachable resolving 'suhosystem.com/MX/IN': 2001:503:a83e::2:30#53
Jun 14 04:27:33 Userver named[10238]: too many timeouts resolving 'nhwoman.org/MX' (in 'nhwoman.org'?): disabling EDNS
Jun 14 04:27:33 Userver named[10238]: too many timeouts resolving '28.18.209.58.in-addr.arpa/PTR' (in '209.58.in-addr.arpa'?): reduc
ing the advertised EDNS UDP packet size to 512 octets
Jun 14 04:27:33 Userver named[10238]: lame server resolving 'ns1.ritdisplay.com.tw' (in 'ritdisplay.com.tw'?): 203.66.64.4#53
Jun 14 04:27:33 Userver named[10238]: lame server resolving 'ns2.ritdisplay.com.tw' (in 'ritdisplay.com.tw'?): 203.66.64.4#53
Jun 14 04:27:33 Userver named[10238]: too many timeouts resolving 'cosgen.com/MX' (in 'cosgen.com'?): reducing the advertised EDNS U
DP packet size to 512 octets
Jun 14 04:27:33 Userver named[10238]: lame server resolving 'ns1.ritdisplay.com.tw' (in 'ritdisplay.com.tw'?): 203.66.64.3#53
Jun 14 04:27:33 Userver named[10238]: too many timeouts resolving 'sinahappy.com/MX' (in 'sinahappy.com'?): reducing the advertised
EDNS UDP packet size to 512 octets
Jun 14 04:27:33 Userver named[10238]: lame server resolving 'ns2.ritdisplay.com.tw' (in 'ritdisplay.com.tw'?): 203.66.64.3#53
Jun 14 04:27:34 Userver named[10238]: too many timeouts resolving '50.38.241.118.in-addr.arpa/PTR' (in '38.241.118.in-addr.arpa'?):
reducing the advertised EDNS UDP packet size to 512 octets
Jun 14 04:27:34 Userver named[10238]: too many timeouts resolving '55.140.9.210.in-addr.arpa/PTR' (in '9.210.in-addr.arpa'?): reduci
ng the advertised EDNS UDP packet size to 512 octets
Jun 14 04:27:34 Userver named[10238]: FORMERR resolving 'ns1.superdns.org/AAAA/IN': 60.12.108.241#53
Jun 14 04:27:34 Userver named[10238]: FORMERR resolving 'ns2.superdns.org/AAAA/IN': 60.12.108.241#53
Jun 14 04:27:34 Userver named[10238]: unexpected RCODE (SERVFAIL) resolving 'smarking.com/A/IN': 195.110.124.140#53
Jun 14 04:27:34 Userver named[10238]: network unreachable resolving 'mail.intekom.com/A/IN': 2001:503:231d::2:30#53
Jun 14 04:27:34 Userver named[10238]: too many timeouts resolving 'suhosystem.com/MX' (in 'suhosystem.com'?): disabling EDNS
Jun 14 04:27:34 Userver named[10238]: too many timeouts resolving 'ns.ariworks.co.kr/AAAA' (in 'kr'?): reducing the advertised EDNS
UDP packet size to 512 octets
Jun 14 04:27:34 Userver named[10238]: too many timeouts resolving 'ns2.ariworks.co.kr/AAAA' (in 'kr'?):

bathory · 06-14-2009, 04:47 PM

Hi,

You'll find an explanation here. Since setting "edns-udp-size 512" usually does not help, your only chance is to stop logging these warnings, as suggested at the last post in the above link.

qqqqq · 05-11-2012, 11:14 PM

There are other things that can cause this, apart from a misconfigured firewall. I had the same problem - my logs looked like this:

Code:

May 11 21:53:20 mypc named[1357]: error (network unreachable) resolving 'ns-1564.awsdns-03.co.uk/A/IN': 2001:630:181:35::83#53
May 11 21:53:20 mypc named[1357]: error (network unreachable) resolving 'ns-1564.awsdns-03.co.uk/AAAA/IN': 2001:630:181:35::83#53
May 11 21:53:26 mypc named[1357]: error (network unreachable) resolving 'ns-1564.awsdns-03.co.uk/A/IN': 2001:502:ad09::3#53
May 11 21:53:26 mypc named[1357]: error (network unreachable) resolving 'ns-1564.awsdns-03.co.uk/AAAA/IN': 2001:502:ad09::3#53
May 11 21:53:27 mypc named[1357]: error (network unreachable) resolving 'ns-1564.awsdns-03.co.uk/A/IN': 2a01:40:1001:35::2#53
May 11 21:53:27 mypc named[1357]: error (network unreachable) resolving 'ns-1564.awsdns-03.co.uk/AAAA/IN': 2a01:40:1001:35::2#53
May 11 21:53:31 mypc named[1357]: success resolving 'indiabroadband.net/A' (in 'indiabroadband.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
May 11 21:53:38 mypc named[1357]: success resolving 'releases.mozilla.org/A' (in 'mozilla.org'?) after reducing the advertised EDNS UDP packet size to 512 octets

and so on. The solution turned out to be simple: I had an old entry in the "forwarders" section of /etc/bind/named.conf.options:

Code:

forwarders {
    192.168.2.100;
};

The DNS server 192.168.2.100 was part of an old network configuration and no longer existed on the network. So all the errors were telling me, I think, was that the local bind9 server was trying to poll another DNS server (192.168.2.100) that it could not reach. Presumably the occasional successful DNS resolution occurred when it stopped trying this server and tried another one (the default gateway, perhaps - not really sure how this works).

Anyway, changing that IP address under the "forwarders" section to the IP address of my current main DNS server (my home router) fixed the problem.

EDIT: I just saw more, similar, messages in my syslog. So there may be more going on, and the problem I resolved may not have been the (sole) cause of the messages. There are certainly fewer of the messages now but the ones that do occur are similar:

Code:

May 12 00:24:31 mypc named[5844]: success resolving 'googlemail.l.google.com/A' (in '.'?) after disabling EDNS
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:503:ba3e::2:30#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:503:ba3e::2:30#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:500:2f::f#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:500:2f::f#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:500:1::803f:235#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:500:1::803f:235#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:7fe::53#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:503:c27::2:30#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:7fe::53#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:7fd::1#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:503:c27::2:30#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:500:3::42#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:7fd::1#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:dc3::35#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:500:3::42#53
May 12 00:24:42 mypc named[5844]: error (network unreachable) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:dc3::35#53
May 12 00:24:42 mypc named[5844]: success resolving 'B.ROOT-SERVERS.NET/AAAA' (in '.'?) after disabling EDNS
May 12 00:24:42 mypc named[5844]: success resolving 'G.ROOT-SERVERS.NET/AAAA' (in '.'?) after disabling EDNS
May 12 00:24:43 mypc named[5844]: success resolving './NS' (in '.'?) after disabling EDNS

and so on. Seems I haven't got to the bottom of the problem.