[dns-operations] McAfee contacts? Nameserver emitting CLASS0 SOA responses, crashes 'dig', makes PowerDNS log odd errors
bert hubert
bert.hubert at netherlabs.nl
Wed Dec 8 12:14:32 UTC 2010
Hi everybody,
If you know anyone over at McAfee in a DNS position, the following might be
relevant to their interests:
Feast your eyes in this:
$ dig -t ipseckey 0.11-234343.avqs.mcafee.com +trace
...
avqs.mcafee.com. 86400 IN NS local.cloud.mcafee.com.
;; Received 71 bytes from 193.108.91.2#53(ns1-2.akam.net) in 1 ms
Segmentation fault
(!)
It appears that McAfee is sending out class=0 NXDOMAINS SOA records (on
another system with a different 'dig'):
;; Warning: Message parser reports malformed message packet.
avqs.mcafee.com. 600 RESERVED0 SOA mcafee.com. hostmaster. 1291809121 1800 600 604800 600
;; Received 102 bytes from 81.173.111.74#53(local.cloud.mcafee.com) in 22 ms
Unfortunately, this condition triggers an error message in the PowerDNS
Recursor, which in turn generates around 10 log messages/second on some busy
installations with customers generating these lookups.
Since this situation also confuses/crashes 'dig', could someone from McAfee
look into the situation? It is probably not benefitial to whatever service
they are trying to provide.
Kind regards,
Bert Hubert
More information about the dns-operations
mailing list