HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


DrJohn 13th October 2011 18:50

Dns & uribl
 
This is Perfect Server Ubuntu 10.04. I recently changed DNS forwarders from my ISP-provided to a pair of the fastest (from here) public DNS sites: SpeakEasy and Google Public DNS. The ISP sites were about 5x slower and were returning advertising material for non-existent domains.

In /etc/bind/named.conf.options:
Code:

forwarders {
        // Speakeasy
        66.93.87.2;
        // Google Public DNS
        8.8.8.8;
};

I've always seen a number of DNS errors in the logs, like these from the ISP DNS servers:
Code:

DNS format error from 184.16.33.54#53 resolving dns1.name-services.com/AAAA: invalid response: 1 Time(s)
error (FORMERR) resolving 'dns3.name-services.com/AAAA/IN': 184.16.4.22#53: 17 Time(s)
error (network unreachable) resolving '132.52.40.124.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:2#53: 1 Time(s)
error (unexpected RCODE REFUSED) resolving '154.77.22.184.in-addr.arpa/PTR/IN':
success resolving '154.30.47.96.bb.barracudacentral.org/A' (in 'bb.barracudacentral.org'?) after disabling EDNS: 1 Time(s)

but the number is small (< 50 per day) and there seems to be no impact.

After changing the DNS servers, I see a couple of hundred errors related to URIBL DNS queries (out of a 10.04 VM running ISPConfig 2.2.40 / SA) like these (many different domains overall):
Code:

error (unexpected RCODE REFUSED) resolving 'radisson.com.multi.uribl.com/A/IN': 8.8.8.8#53: 1 Time(s)

All of these were returned from the Google Public DNS server.
In addition, I see about the same number of these and similar:
Code:

error (network unreachable) resolving 'C.ROOT-SERVERS.NET/AAAA/IN': 2001:500:2f::f#53: 1 Time(s)
error (network unreachable) resolving 'k.gtld-servers.net/AAAA/IN': 2001:7fd::1#53: 1 Time(s)
error (network unreachable) resolving 'ns3.google.com/AAAA/IN': 2001:503:c27::2:30#53: 1 Time(s)

I'd like to clear this up on the server. Is this a symptom of 1) a problem with the local Bind installation; 2) a problem with SA / URIBL; 3) a problem with the public DNS servers; 4) not a problem other than syslog inflation?

Thanks!

DrJohn 15th October 2011 19:13

Apparently this is a problem with the Google Public DNS. I removed it from the list of forwarders and poof! no more such log entries.

-- John
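
An added example, not part of the original thread: a Python script that tallies named error lines in the summarised format quoted in the first post by reason and by the server that answered, which shows whether the errors come from a configured forwarder or from IPv6 upstreams. The sample lines are copied from the first post; the function names and the origin labels are assumptions of this example.

```python
import re
from collections import Counter
from ipaddress import ip_address

# error (<reason>) resolving '<name>/<type>/<class>': <server>#<port>: N Time(s)
LINE_RE = re.compile(
    r"error \((?P<reason>[^)]+)\) resolving '[^/']+/\w+/\w+': "
    r"(?P<server>[0-9A-Fa-f:.]+)#\d+(?:: (?P<count>\d+) Time\(s\))?"
)
FORWARDERS = {"66.93.87.2", "8.8.8.8"}  # the forwarders block from the first post

# Sample input: lines copied from the first post (one is cut off in the original).
SAMPLE = """\
DNS format error from 184.16.33.54#53 resolving dns1.name-services.com/AAAA: invalid response: 1 Time(s)
error (FORMERR) resolving 'dns3.name-services.com/AAAA/IN': 184.16.4.22#53: 17 Time(s)
error (unexpected RCODE REFUSED) resolving '154.77.22.184.in-addr.arpa/PTR/IN':
error (unexpected RCODE REFUSED) resolving 'radisson.com.multi.uribl.com/A/IN': 8.8.8.8#53: 1 Time(s)
error (network unreachable) resolving 'C.ROOT-SERVERS.NET/AAAA/IN': 2001:500:2f::f#53: 1 Time(s)
error (network unreachable) resolving 'k.gtld-servers.net/AAAA/IN': 2001:7fd::1#53: 1 Time(s)
error (network unreachable) resolving 'ns3.google.com/AAAA/IN': 2001:503:c27::2:30#53: 1 Time(s)
"""

def summarize(text, forwarders=FORWARDERS):
    """Tally errors by (reason, origin, server); return (Counter, skipped lines)."""
    totals, skipped = Counter(), 0
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.search(line)
        try:
            server = ip_address(m["server"]) if m else None
        except ValueError:
            server = None
        if server is None:  # other message types, truncated or malformed lines
            skipped += 1
            continue
        if str(server) in forwarders:
            origin = "forwarder"
        else:
            origin = "ipv6-upstream" if server.version == 6 else "ipv4-upstream"
        totals[(m["reason"], origin, str(server))] += int(m["count"] or 1)
    return totals, skipped

def by_origin(totals):
    # Collapse the per-server tally to (reason, origin) totals.
    out = Counter()
    for (reason, origin, _server), n in totals.items():
        out[(reason, origin)] += n
    return out
```

Lines without a trailing `N Time(s)` count, as in raw syslog output, are counted once each.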


All times are GMT +2.