[dns-operations] McAfee contacts? Nameserver emitting CLASS0 SOA responses, crashes 'dig', makes PowerDNS log odd errors

bert hubert bert.hubert at netherlabs.nl
Wed Dec 8 12:14:32 UTC 2010

Hi everybody,

If you know anyone over at McAfee in a DNS position, the following might be
relevant to their interests:

Feast your eyes in this:

$ dig -t ipseckey 0.11-234343.avqs.mcafee.com +trace
avqs.mcafee.com.        86400   IN      NS      local.cloud.mcafee.com.
;; Received 71 bytes from in 1 ms

Segmentation fault

It appears that McAfee is sending out class=0 NXDOMAINS SOA records (on
another system with a different 'dig'):

;; Warning: Message parser reports malformed message packet.
avqs.mcafee.com.        600     RESERVED0 SOA   mcafee.com. hostmaster. 1291809121 1800 600 604800 600
;; Received 102 bytes from in 22 ms

Unfortunately, this condition triggers an error message in the PowerDNS
Recursor, which in turn generates around 10 log messages/second on some busy
installations with customers generating these lookups.

Since this situation also confuses/crashes 'dig', could someone from McAfee
look into the situation? It is probably not benefitial to whatever service
they are trying to provide.

Kind regards,

Bert Hubert

More information about the dns-operations mailing list