BIND9 DNS SERVER - Lots of failed queries with SERVFAIL and EDNS references

linux networking google-chrome dns arch-linux
9,926

The issue is positively fixed. I created a github repo where I added all relevant named config files as well as logs for comparison between the broken and working config versions of my named server. Ultimately I can't really pinpoint the issue butI could have potentially been a misconfiguration of my forward and reverse zones. In my forward zone where declaring the NS record I added the domain like so

muncic.local.  NS  IN  nas.muncic.local.

instead of

NS  IN  nas.muncic.local.

In my reverse zone I spotted a PTR record that wasn't using the correct value

35                     IN   PTR 35.0.1.168.192.muncic.local.

instead of

35                     IN   PTR nas

I also did various changes to my named.conf binding named to my 2nd wired interface enp6s0 running on 192.168.1.33.

This was my journalctl output for named before and after the fix for about roughly 24 hours each:

$ journalctl -u named --since="2017-02-12" --until="2017-02-13" | grep  SERVFAIL -c
67
$ journalctl -u named --since="2017-02-14" | grep  SERVFAIL -c
0
Share:
9,926

Related videos on Youtube

Sven M.
Author by

Sven M.

Languages: C#,VB.NET,SQL Frameworks: ASP.NET WebForms/MVC/Web Api, Entity Framework

Updated on September 18, 2022

Comments

  • Sven M.
    Sven M. over 1 year

    I am running my own BIND9 server which is running on a arch linux in my local network. Since running the server I started getting various errors in my browser (chrome on android 6). These errors usually appear all at once in a row:

    • dns probe bad
    • err_name_not_resolved
    • err_timed_out (Update IV)

    The issue resolves itself after some 30 seconds by just clicking through the error message trying to reload the page. My logs are not showing any suspicious entries (journalctl -r -u named). I posted my bind9 config along with the relevant/running zones below. Are there any obvious issues anybody could maybe point out? I am happy to produce more config/log files as required or run any tests. I should maybe also mention that I have setup a dhcp server on the same machine. That box in addition is also hosting a windows server 2016 guest with libvirt in kvm with a qemu hypervisor. I have the output of ˋip addr showˋ attached below.

    Update I: After checking my dns server log again there are actually a number of failed queries. Analysing right now. Log is attached at the very bottom. Thankful for any pointers. Thanks! (not a sys admin by day rather than a software developer so this is really not my domain of expertise so to say)

    Update II: Possibly solved my issue by explicitly setting the address to listen on. In this case: listen-on { 192.168.1.35; }; (in /etc/named.conf) . Will monitor the log and ultimately confirm within the next 24hrs.

    Update III: Still receiving servfail errors in my dns server log but since explicitly setting the ip address to listen on I have not received any errors in my browser on this device yet and I also feel query performance has increased. The latter of course is highly subjective. The servfail error points to a C file query.c at line 8298. I am also looking into the bind9 parameter edns-udp-size in connection with my router/internet modem. I once flashed a Telekom Speedport W920V into a AVM FritzBox 7570 vDSL which I still use as my vDSL modem/router. Still very much hoping for some pointers. Cheers.

    Update IV: Added additional browser error as per above. Also as mentioned in UIII I am looking into the parameter EDNS-UDP-SIZE due to the following log entries:

    Feb 07 19:05:01 nas named[10928]: success resolving 'clients4.google.com/A' (in '.'?) after reducing the advertised EDNS UDP packet size to 512 octets
Feb 07 19:04:54 nas named[10928]: client @0x7f7a18204640 192.168.1.31#14927 (clients4.google.com): query: clients4.google.com IN A + (192.168.1.35)

    Output of ip addr show:

    $ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
    link/ether e0:cb:4e:42:ee:e3 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::8259:5b3a:8510:f42/64 scope link 
       valid_lft forever preferred_lft forever
3: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 68:05:ca:4a:82:b1 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.33/24 brd 192.168.1.255 scope global enp6s0
       valid_lft forever preferred_lft forever
    inet6 fe80::510b:e84e:e0ec:5736/64 scope link 
       valid_lft forever preferred_lft forever
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:d4:72:9d:eb:d7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.35/24 brd 192.168.1.255 scope global br0
       valid_lft forever preferred_lft forever
    inet 192.168.1.115/24 brd 192.168.1.255 scope global secondary br0
       valid_lft forever preferred_lft forever
    inet6 fe80::a9ed:5871:8928:e54c/64 scope link 
       valid_lft forever preferred_lft forever
    inet6 fe80::50d4:72ff:fe9d:ebd7/64 scope link 
       valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:4c:bf:cc brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:4c:bf:cc brd ff:ff:ff:ff:ff:ff
9: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UNKNOWN group default qlen 1000
    link/ether fe:54:00:78:91:29 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::18cc:6a42:e2b9:6fe4/64 scope link 
       valid_lft forever preferred_lft forever

    This is my bind9 config:

    acl allowedclients {
    192.168.1.0/24;
    localhost;
    127.0.0.1;
};

options {
        directory "/var/named";
    pid-file "/run/named/named.pid";    

        recursion yes;
    allow-recursion { 192.168.1.0/24; 127.0.0.1; };
        allow-query { allowedclients; };

        forwarders {
                8.8.8.8;
                8.8.4.4;
        };
        forward only;

        dnssec-enable yes;
    dnssec-validation yes;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
    listen-on  port 53 { any; };
};

# Use with the following in named.conf, adjusting the allow list as needed:
include "/etc/rndc.key";
#
controls {
       inet 127.0.0.1 port 8222
       allow { 127.0.0.1; } keys { "rndc-key"; };
 };

zone "localhost" in {
    type master;
    file "/var/named/localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "/var/named/127.0.0.zone";
};

zone "muncic.local" in {
       type master;
       file "/var/named/muncic.local.zone";
};

zone "1.168.192.in-addr.arpa" in {
    type master;
    notify  no;
    file "/var/named/192.168.1.zone";
};

    Here is my forward zone:

    $TTL 3D       ; default ttl for records without a specified lifetime
;$ORIGIN muncic.local.
@                      IN   SOA nas.muncic.local. root.muncic.local. (
                                2017020201   ;  serial number
                                16384        ;  ns refresh
                                2048         ;  ns retry
                                1048576      ;  authority expiry
                                2560        );  min (RFC2308 ยง4)
muncic.local.          IN   NS  nas.muncic.local.
                       IN   NS  google-public-dns-a.google.com.
;nas                    IN  MX  192.168.1.35
muncic.local.          IN   A   192.168.1.35
nas                    IN   A   192.168.1.35
a.mx                   IN   A   192.168.1.35
0.0.1.168.192          IN   A   192.168.1.0
router             IN   A   192.168.1.1
2.0.1.168.192          IN   A   192.168.1.2
3.0.1.168.192          IN   A   192.168.1.3
4.0.1.168.192          IN   A   192.168.1.4
5.0.1.168.192          IN   A   192.168.1.5
6.0.1.168.192          IN   A   192.168.1.6
7.0.1.168.192          IN   A   192.168.1.7
8.0.1.168.192          IN   A   192.168.1.8
9.0.1.168.192          IN   A   192.168.1.9
s7e            IN   A   192.168.1.10
11.0.1.168.192         IN   A   192.168.1.11
winsrv16           IN   A   192.168.1.12
13.0.1.168.192         IN   A   192.168.1.13
14.0.1.168.192         IN   A   192.168.1.14
15.0.1.168.192         IN   A   192.168.1.15
16.0.1.168.192         IN   A   192.168.1.16
17.0.1.168.192         IN   A   192.168.1.17
18.0.1.168.192         IN   A   192.168.1.18
19.0.1.168.192         IN   A   192.168.1.19
20.0.1.168.192         IN   A   192.168.1.20
21.0.1.168.192         IN   A   192.168.1.21
22.0.1.168.192         IN   A   192.168.1.22
23.0.1.168.192         IN   A   192.168.1.23
htpc               IN   A   192.168.1.24
main               IN   A   192.168.1.25
26.0.1.168.192         IN   A   192.168.1.26
27.0.1.168.192         IN   A   192.168.1.27
28.0.1.168.192         IN   A   192.168.1.28
29.0.1.168.192         IN   A   192.168.1.29
30.0.1.168.192         IN   A   192.168.1.30
s2             IN   A   192.168.1.31
32.0.1.168.192         IN   A   192.168.1.32
33.0.1.168.192         IN   A   192.168.1.33
34.0.1.168.192         IN   A   192.168.1.34
nas            IN   A   192.168.1.35
36.0.1.168.192         IN   A   192.168.1.36
37.0.1.168.192         IN   A   192.168.1.37
38.0.1.168.192         IN   A   192.168.1.38
39.0.1.168.192         IN   A   192.168.1.39
40.0.1.168.192         IN   A   192.168.1.40
41.0.1.168.192         IN   A   192.168.1.41
42.0.1.168.192         IN   A   192.168.1.42
43.0.1.168.192         IN   A   192.168.1.43
44.0.1.168.192         IN   A   192.168.1.44
45.0.1.168.192         IN   A   192.168.1.45
46.0.1.168.192         IN   A   192.168.1.46
47.0.1.168.192         IN   A   192.168.1.47
48.0.1.168.192         IN   A   192.168.1.48
49.0.1.168.192         IN   A   192.168.1.49
50.0.1.168.192         IN   A   192.168.1.50
51.0.1.168.192         IN   A   192.168.1.51
52.0.1.168.192         IN   A   192.168.1.52
53.0.1.168.192         IN   A   192.168.1.53
54.0.1.168.192         IN   A   192.168.1.54
55.0.1.168.192         IN   A   192.168.1.55
56.0.1.168.192         IN   A   192.168.1.56
57.0.1.168.192         IN   A   192.168.1.57
58.0.1.168.192         IN   A   192.168.1.58
59.0.1.168.192         IN   A   192.168.1.59
60.0.1.168.192         IN   A   192.168.1.60
61.0.1.168.192         IN   A   192.168.1.61
62.0.1.168.192         IN   A   192.168.1.62
63.0.1.168.192         IN   A   192.168.1.63
64.0.1.168.192         IN   A   192.168.1.64
65.0.1.168.192         IN   A   192.168.1.65
66.0.1.168.192         IN   A   192.168.1.66
67.0.1.168.192         IN   A   192.168.1.67
68.0.1.168.192         IN   A   192.168.1.68
69.0.1.168.192         IN   A   192.168.1.69
70.0.1.168.192         IN   A   192.168.1.70
71.0.1.168.192         IN   A   192.168.1.71
72.0.1.168.192         IN   A   192.168.1.72
73.0.1.168.192         IN   A   192.168.1.73
74.0.1.168.192         IN   A   192.168.1.74
75.0.1.168.192         IN   A   192.168.1.75
76.0.1.168.192         IN   A   192.168.1.76
77.0.1.168.192         IN   A   192.168.1.77
78.0.1.168.192         IN   A   192.168.1.78
79.0.1.168.192         IN   A   192.168.1.79
80.0.1.168.192         IN   A   192.168.1.80
81.0.1.168.192         IN   A   192.168.1.81
82.0.1.168.192         IN   A   192.168.1.82
83.0.1.168.192         IN   A   192.168.1.83
84.0.1.168.192         IN   A   192.168.1.84
85.0.1.168.192         IN   A   192.168.1.85
86.0.1.168.192         IN   A   192.168.1.86
87.0.1.168.192         IN   A   192.168.1.87
88.0.1.168.192         IN   A   192.168.1.88
89.0.1.168.192         IN   A   192.168.1.89
90.0.1.168.192         IN   A   192.168.1.90
91.0.1.168.192         IN   A   192.168.1.91
92.0.1.168.192         IN   A   192.168.1.92
93.0.1.168.192         IN   A   192.168.1.93
94.0.1.168.192         IN   A   192.168.1.94
95.0.1.168.192         IN   A   192.168.1.95
96.0.1.168.192         IN   A   192.168.1.96
97.0.1.168.192         IN   A   192.168.1.97
98.0.1.168.192         IN   A   192.168.1.98
99.0.1.168.192         IN   A   192.168.1.99
100.0.1.168.192        IN   A   192.168.1.100
101.0.1.168.192        IN   A   192.168.1.101
102.0.1.168.192        IN   A   192.168.1.102
103.0.1.168.192        IN   A   192.168.1.103
104.0.1.168.192        IN   A   192.168.1.104
105.0.1.168.192        IN   A   192.168.1.105
106.0.1.168.192        IN   A   192.168.1.106
107.0.1.168.192        IN   A   192.168.1.107
108.0.1.168.192        IN   A   192.168.1.108
109.0.1.168.192        IN   A   192.168.1.109
110.0.1.168.192        IN   A   192.168.1.110
111.0.1.168.192        IN   A   192.168.1.111
112.0.1.168.192        IN   A   192.168.1.112
113.0.1.168.192        IN   A   192.168.1.113
114.0.1.168.192        IN   A   192.168.1.114
115.0.1.168.192        IN   A   192.168.1.115
116.0.1.168.192        IN   A   192.168.1.116
117.0.1.168.192        IN   A   192.168.1.117
118.0.1.168.192        IN   A   192.168.1.118
119.0.1.168.192        IN   A   192.168.1.119
120.0.1.168.192        IN   A   192.168.1.120
121.0.1.168.192        IN   A   192.168.1.121
122.0.1.168.192        IN   A   192.168.1.122
123.0.1.168.192        IN   A   192.168.1.123
124.0.1.168.192        IN   A   192.168.1.124
125.0.1.168.192        IN   A   192.168.1.125
126.0.1.168.192        IN   A   192.168.1.126
127.0.1.168.192        IN   A   192.168.1.127
t813n              IN   CNAME   s2.muncic.local.
g935f              IN   CNAME   s7e.muncic.local.
jira               IN   CNAME   winsrv16.muncic.local.
www            IN   CNAME   muncic.local.

    And this would be my reverse zone:

    $TTL 3D       ; default ttl for records without a specified lifetime
;$ORIGIN 0.1.168.192.in-addr.arpa.
@                      IN   SOA nas.muncic.local. root.muncic.local. (
                                2017020201   ;  serial number
                                16384        ;  ns refresh
                                2048         ;  ns retry
                                1048576      ;  authority expiry
                                2560        );  min (RFC2308 ยง4)
                       IN   NS  nas.muncic.local.
                       IN   NS  google-public-dns-a.google.com.
35                     IN   PTR a.mx.muncic.local.
0                      IN   PTR 0.0.1.168.192.muncic.local.
1                      IN   PTR router
2                      IN   PTR 2.0.1.168.192.muncic.local.
3                      IN   PTR 3.0.1.168.192.muncic.local.
4                      IN   PTR 4.0.1.168.192.muncic.local.
5                      IN   PTR 5.0.1.168.192.muncic.local.
6                      IN   PTR 6.0.1.168.192.muncic.local.
7                      IN   PTR 7.0.1.168.192.muncic.local.
8                      IN   PTR 8.0.1.168.192.muncic.local.
9                      IN   PTR 9.0.1.168.192.muncic.local.
10                     IN   PTR s7e
11                     IN   PTR 11.0.1.168.192.muncic.local.
12                     IN   PTR winsrv16
13                     IN   PTR 13.0.1.168.192.muncic.local.
14                     IN   PTR 14.0.1.168.192.muncic.local.
15                     IN   PTR 15.0.1.168.192.muncic.local.
16                     IN   PTR 16.0.1.168.192.muncic.local.
17                     IN   PTR 17.0.1.168.192.muncic.local.
18                     IN   PTR 18.0.1.168.192.muncic.local.
19                     IN   PTR 19.0.1.168.192.muncic.local.
20                     IN   PTR 20.0.1.168.192.muncic.local.
21                     IN   PTR 21.0.1.168.192.muncic.local.
22                     IN   PTR 22.0.1.168.192.muncic.local.
23                     IN   PTR 23.0.1.168.192.muncic.local.
24                     IN   PTR htpc
25                     IN   PTR main
26                     IN   PTR 26.0.1.168.192.muncic.local.
27                     IN   PTR 27.0.1.168.192.muncic.local.
28                     IN   PTR 28.0.1.168.192.muncic.local.
29                     IN   PTR 29.0.1.168.192.muncic.local.
30                     IN   PTR 30.0.1.168.192.muncic.local.
31                     IN   PTR s2
32                     IN   PTR 32.0.1.168.192.muncic.local.
33                     IN   PTR 33.0.1.168.192.muncic.local.
34                     IN   PTR 34.0.1.168.192.muncic.local.
35                     IN   PTR 35.0.1.168.192.muncic.local.
36                     IN   PTR 36.0.1.168.192.muncic.local.
37                     IN   PTR 37.0.1.168.192.muncic.local.
38                     IN   PTR 38.0.1.168.192.muncic.local.
39                     IN   PTR 39.0.1.168.192.muncic.local.
40                     IN   PTR 40.0.1.168.192.muncic.local.
41                     IN   PTR 41.0.1.168.192.muncic.local.
42                     IN   PTR 42.0.1.168.192.muncic.local.
43                     IN   PTR 43.0.1.168.192.muncic.local.
44                     IN   PTR 44.0.1.168.192.muncic.local.
45                     IN   PTR 45.0.1.168.192.muncic.local.
46                     IN   PTR 46.0.1.168.192.muncic.local.
47                     IN   PTR 47.0.1.168.192.muncic.local.
48                     IN   PTR 48.0.1.168.192.muncic.local.
49                     IN   PTR 49.0.1.168.192.muncic.local.
50                     IN   PTR 50.0.1.168.192.muncic.local.
51                     IN   PTR 51.0.1.168.192.muncic.local.
52                     IN   PTR 52.0.1.168.192.muncic.local.
53                     IN   PTR 53.0.1.168.192.muncic.local.
54                     IN   PTR 54.0.1.168.192.muncic.local.
55                     IN   PTR 55.0.1.168.192.muncic.local.
56                     IN   PTR 56.0.1.168.192.muncic.local.
57                     IN   PTR 57.0.1.168.192.muncic.local.
58                     IN   PTR 58.0.1.168.192.muncic.local.
59                     IN   PTR 59.0.1.168.192.muncic.local.
60                     IN   PTR 60.0.1.168.192.muncic.local.
61                     IN   PTR 61.0.1.168.192.muncic.local.
62                     IN   PTR 62.0.1.168.192.muncic.local.
63                     IN   PTR 63.0.1.168.192.muncic.local.
64                     IN   PTR 64.0.1.168.192.muncic.local.
65                     IN   PTR 65.0.1.168.192.muncic.local.
66                     IN   PTR 66.0.1.168.192.muncic.local.
67                     IN   PTR 67.0.1.168.192.muncic.local.
68                     IN   PTR 68.0.1.168.192.muncic.local.
69                     IN   PTR 69.0.1.168.192.muncic.local.
70                     IN   PTR 70.0.1.168.192.muncic.local.
71                     IN   PTR 71.0.1.168.192.muncic.local.
72                     IN   PTR 72.0.1.168.192.muncic.local.
73                     IN   PTR 73.0.1.168.192.muncic.local.
74                     IN   PTR 74.0.1.168.192.muncic.local.
75                     IN   PTR 75.0.1.168.192.muncic.local.
76                     IN   PTR 76.0.1.168.192.muncic.local.
77                     IN   PTR 77.0.1.168.192.muncic.local.
78                     IN   PTR 78.0.1.168.192.muncic.local.
79                     IN   PTR 79.0.1.168.192.muncic.local.
80                     IN   PTR 80.0.1.168.192.muncic.local.
81                     IN   PTR 81.0.1.168.192.muncic.local.
82                     IN   PTR 82.0.1.168.192.muncic.local.
83                     IN   PTR 83.0.1.168.192.muncic.local.
84                     IN   PTR 84.0.1.168.192.muncic.local.
85                     IN   PTR 85.0.1.168.192.muncic.local.
86                     IN   PTR 86.0.1.168.192.muncic.local.
87                     IN   PTR 87.0.1.168.192.muncic.local.
88                     IN   PTR 88.0.1.168.192.muncic.local.
89                     IN   PTR 89.0.1.168.192.muncic.local.
90                     IN   PTR 90.0.1.168.192.muncic.local.
91                     IN   PTR 91.0.1.168.192.muncic.local.
92                     IN   PTR 92.0.1.168.192.muncic.local.
93                     IN   PTR 93.0.1.168.192.muncic.local.
94                     IN   PTR 94.0.1.168.192.muncic.local.
95                     IN   PTR 95.0.1.168.192.muncic.local.
96                     IN   PTR 96.0.1.168.192.muncic.local.
97                     IN   PTR 97.0.1.168.192.muncic.local.
98                     IN   PTR 98.0.1.168.192.muncic.local.
99                     IN   PTR 99.0.1.168.192.muncic.local.
100                    IN   PTR 100.0.1.168.192.muncic.local.
101                    IN   PTR 101.0.1.168.192.muncic.local.
102                    IN   PTR 102.0.1.168.192.muncic.local.
103                    IN   PTR 103.0.1.168.192.muncic.local.
104                    IN   PTR 104.0.1.168.192.muncic.local.
105                    IN   PTR 105.0.1.168.192.muncic.local.
106                    IN   PTR 106.0.1.168.192.muncic.local.
107                    IN   PTR 107.0.1.168.192.muncic.local.
108                    IN   PTR 108.0.1.168.192.muncic.local.
109                    IN   PTR 109.0.1.168.192.muncic.local.
110                    IN   PTR 110.0.1.168.192.muncic.local.
111                    IN   PTR 111.0.1.168.192.muncic.local.
112                    IN   PTR 112.0.1.168.192.muncic.local.
113                    IN   PTR 113.0.1.168.192.muncic.local.
114                    IN   PTR 114.0.1.168.192.muncic.local.
115                    IN   PTR 115.0.1.168.192.muncic.local.
116                    IN   PTR 116.0.1.168.192.muncic.local.
117                    IN   PTR 117.0.1.168.192.muncic.local.
118                    IN   PTR 118.0.1.168.192.muncic.local.
119                    IN   PTR 119.0.1.168.192.muncic.local.
120                    IN   PTR 120.0.1.168.192.muncic.local.
121                    IN   PTR 121.0.1.168.192.muncic.local.
122                    IN   PTR 122.0.1.168.192.muncic.local.
123                    IN   PTR 123.0.1.168.192.muncic.local.
124                    IN   PTR 124.0.1.168.192.muncic.local.
125                    IN   PTR 125.0.1.168.192.muncic.local.
126                    IN   PTR 126.0.1.168.192.muncic.local.
127                    IN   PTR 127.0.1.168.192.muncic.local.

    Output of journalctl like so (full log):

    $ journalctl -r -u named --since="2017-02-06 21:23:20" | grep 192.168.1.31

Feb 06 21:23:53 nas named[13865]: client @0x7f2a5419f1c0 192.168.1.31#12998 (www.jspell.com): query: www.jspell.com IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#12998 (www.jspell.com): query: www.jspell.com IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#1803 (www.gstatic.com.muncic.local): query: www.gstatic.com.muncic.local IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a4400de10 192.168.1.31#5616 (www.gstatic.com): query failed (SERVFAIL) for www.gstatic.com/IN/A at query.c:6805
Feb 06 21:23:48 nas named[13865]: client @0x7f2a4400de10 192.168.1.31#5616 (www.gstatic.com): query: www.gstatic.com IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a3c10fd90 192.168.1.31#22885 (www.gstatic.com): query failed (SERVFAIL) for www.gstatic.com/IN/A at query.c:8298
Feb 06 21:23:48 nas named[13865]: client @0x7f2a54d09360 192.168.1.31#9720 (www.gstatic.com): query failed (SERVFAIL) for www.gstatic.com/IN/A at query.c:8298
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#9195 (cdnjs.cloudflare.com): query failed (SERVFAIL) for cdnjs.cloudflare.com/IN/A at query.c:6805
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#9195 (cdnjs.cloudflare.com): query: cdnjs.cloudflare.com IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#15094 (cdnjs.cloudflare.com): query failed (SERVFAIL) for cdnjs.cloudflare.com/IN/A at query.c:6805
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#15094 (cdnjs.cloudflare.com): query: cdnjs.cloudflare.com IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#11314 (www.google.de): query failed (SERVFAIL) for www.google.de/IN/A at query.c:6805
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#11314 (www.google.de): query: www.google.de IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a54173d80 192.168.1.31#26564 (cdnjs.cloudflare.com): query failed (SERVFAIL) for cdnjs.cloudflare.com/IN/A at query.c:8298
Feb 06 21:23:48 nas named[13865]: client @0x7f2a40013ed0 192.168.1.31#29727 (www.google.de): query failed (SERVFAIL) for www.google.de/IN/A at query.c:8298
Feb 06 21:23:48 nas named[13865]: client @0x7f2a54da5e20 192.168.1.31#28030 (www.google.de): query failed (SERVFAIL) for www.google.de/IN/A at query.c:8298
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#31811 (azurecomcdn.azureedge.net): query failed (SERVFAIL) for azurecomcdn.azureedge.net/IN/A at query.c:6805
Feb 06 21:23:48 nas named[13865]: client @0x7f2a54a3f1b0 192.168.1.31#15173 (maxcdn.bootstrapcdn.com): query failed (SERVFAIL) for maxcdn.bootstrapcdn.com/IN/A at query.c:6805
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38024500 192.168.1.31#31811 (azurecomcdn.azureedge.net): query: azurecomcdn.azureedge.net IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a54a3f1b0 192.168.1.31#15173 (maxcdn.bootstrapcdn.com): query: maxcdn.bootstrapcdn.com IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38023a80 192.168.1.31#28154 (id.google.de): query: id.google.de IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38023a80 192.168.1.31#25790 (maxcdn.bootstrapcdn.com): query failed (SERVFAIL) for maxcdn.bootstrapcdn.com/IN/A at query.c:6805
Feb 06 21:23:48 nas named[13865]: client @0x7f2a3c019270 192.168.1.31#4902 (azurecomcdn.azureedge.net): query failed (SERVFAIL) for azurecomcdn.azureedge.net/IN/A at query.c:6805
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38023a80 192.168.1.31#25790 (maxcdn.bootstrapcdn.com): query: maxcdn.bootstrapcdn.com IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a3c019270 192.168.1.31#4902 (azurecomcdn.azureedge.net): query: azurecomcdn.azureedge.net IN A + (192.168.1.35)
Feb 06 21:23:48 nas named[13865]: client @0x7f2a38011920 192.168.1.31#5589 (maxcdn.bootstrapcdn.com): query failed (SERVFAIL) for maxcdn.bootstrapcdn.com/IN/A at query.c:8298
Feb 06 21:23:48 nas named[13865]: client @0x7f2a4c032bd0 192.168.1.31#24651 (id.google.de): query failed (SERVFAIL) for id.google.de/IN/A at query.c:8298
Feb 06 21:23:48 nas named[13865]: client @0x7f2a4c00bb60 192.168.1.31#12649 (id.google.de): query failed (SERVFAIL) for id.google.de/IN/A at query.c:8298
Feb 06 21:23:48 nas named[13865]: client @0x7f2a54d578c0 192.168.1.31#10242 (azurecomcdn.azureedge.net): query failed (SERVFAIL) for azurecomcdn.azureedge.net/IN/A at query.c:8298
Feb 06 21:23:44 nas named[13865]: client @0x7f2a3c10fd90 192.168.1.31#22885 (www.gstatic.com): query: www.gstatic.com IN A + (192.168.1.35)
Feb 06 21:23:44 nas named[13865]: client @0x7f2a54da5e20 192.168.1.31#28030 (www.google.de): query: www.google.de IN A + (192.168.1.35)
    • Admin
      Admin about 7 years
      Possibly solved my issue by explicitly setting the address to listen on. In this case: listen-on { 192.168.1.35; }; . Will monitor the log and ultimately confirm within the next 24hrs.
    • Admin
      Admin about 7 years
      Still receiving servfail errors in my dns server log but since explicitly setting the ip address to listen on I have not received any errors in my browser on this device yet and I also feel query performance has increased. The latter of course is highly subjective. The servfail error points to a C file query.c at line 8298. I am also looking into the bind9 parameter edns-udp-size in connection with my router/internet modem. I once flashed a Telekom Speedport W920V into a AVM FritzBox 7570 vDSL which I still use as my vDSL modem/router. Still very much hoping for some pointers. Cheers.
    • Admin
      Admin about 7 years
      I have done some more work on my named.conf and my zones. First I allowed my dns server to query itself rather than to use resolv.conf. Also I noticed in my forward zone in my NS declaration I started with muncic.localinstead of leaving that out completely. Further in my reverse zone I missed to declare a PTR record for my dns server (35 PTR {..}). These are just a few of my changes. Just to be thorough I worked my dhcpd.conf over too cleaning it up. So far no failed queries. In case this holds for the next 24hrs I will post my changes pointing out what was most likely wrong.
    • Admin
      Admin about 7 years
      Preliminary result: $ journalctl -u named --since="2017-02-13 00:00" | grep -c SERVFAIL 346 $ journalctl -u named --since="2017-02-13 23:04:30" | grep -c SERVFAIL 0 $ date Tue 14 Feb 05:40:16 CET 2017 Looking real good! Longer write-up of possible solution tonight.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to change DNS on a minimal networking setup
Docker DNS settings
Ubuntu DNS Error Chrome: DNS_PROBE_FINISHED_NXDOMAIN, Firefox similar
Reverse DNS lookups slowing down network operations on LAN
Unable to use internet due to suspected DNS malware
How do I debug Bind9 DNS server configuration? It is not sending requests to forwarders
Could not resolve host error
Set DNS manually on KDE
Google Chrome "resolving host" error on every DNS except OpenDNS
Using iptables to redirect traffic to a dynamic DNS name instead of an IP address?