[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: named complaining about lame servers when resolving



Malcolm Ferguson wrote:
> Jacob Anawalt wrote:
> >Malcolm Ferguson wrote:
> >>Error message (repeated over and over):
> >>Sep 22 17:12:00 ns1 named[12680]: lame server resolving 
> >>'75.1.5.198.in-addr.arpa' (in '1.5.198.in-addr.arpa'?): 198.6.1.161#53
> >
> >Are you recieving SMTP or other external traffic with a service that 
> >may be trying to resolve IP addresses to names?

If it is occuring again and again it would indicate that something is
trying to resolve the address again and again.  Check your mail queue
with 'mailq' and it is possible that something is there poking it.  If
so it will eventually time out after 3 or 5 days.  :-)

If these are on your name servers serving other machines then any of
the clients could be trying to resolve these addresses and that would
also trigger this behavior.  This can be hard to track down.  It is
probably not worth the effort.

> No traffic.  I just did a bad type-o when doing an nslookup on another 
> box.  Ever since I've been getting these messages from bind.

I don't see how those could be related.  Probably just a coincidence.

> Ever since though, both of them have been logging messages about the
> lame server.
> 
> Now, it's perfectly possible that I've misconfigured the names servers, 
> or that I'm not understanding how DNS works as I'm pretty new to this.

The message "lame server resolving" is one of those FAQs the root
problem of which always escapes me when I have not looked at it for a
while.  But basically the problem is not on your end.  Your DNS
servers are probably configured fine.

I looked up that address and I also see the lame server on my end.  It
appears that auth03.ns.UU.NET and auth50.ns.UU.NET are designated as
authoritative for 1.5.198.in-addr.arpa but that they are not
configured to return answers for 75.1.5.198.in-addr.arpa which they
should since it is within their domain.  In fact the two servers
return completely different data to queries.  In DNS speak, they are
'lame'.  In the vernacular, they are hosed up.

Here are commands which should return the same information but show
some of the problems.  The first shows that the second two are
supposed to be the authoritative name servers.  If I read this right I
would say they are b0rken.

  dig 1.5.198.in-addr.arpa ns
  dig @auth03.ns.UU.NET 75.1.5.198.in-addr.arpa ptr
  dig @auth50.ns.UU.NET 75.1.5.198.in-addr.arpa ptr

In the bind faq:

  http://www.nominum.com/getOpenSourceResource.php?id=6#faq_95

  What are these "lame server" errors in my logs?

  A "lame server" is a server that does not believe it is authoritative
  for a domain which has been delegated to it.  The "lame server"
  messages can be useful if you have the lame server, or are a domain
  delegated to the lame server.  If you would rather not see the "lame
  server" messages, you can discard them using the logging statement:

  logging {
    category lame-servers{ null; };
  };

Hope that helps,
Bob

Attachment: pgpYqtiDBliiz.pgp
Description: PGP signature


Reply to: