[dns-operations] Command Line BIND Query to Delegating Name Servers Gives FORMERR - Is this Bad for Normal DNS Operations by Public Resolvers?
jason.hynds at gmail.com
Mon Sep 20 13:37:24 UTC 2021
I hope that the following conforms to the content expected of this list.
I stumbled on some /name servers/ (a branch of a ccTLD, performing a
public good service, as far as I know) which are giving a FORMat ERRor
(FORMERR) to default /dig/ queries from the command line as described in
the referenced webpage, see  below. The workaround of +nocookie
described in the blog allows for a successful query response. /Nslookup/
queries work fine.
I should mention that I have no administrative authority of the name
servers showing this condition. I'm just noticed the behaviour whilst
checking on a DNS hosting migration for a client of the name servers
exhibiting the behaviour.
Would someone be able to advise me on:
1. How bad it may be for an authoritative or delegating name server to
be exhibiting this behaviour?
2. Does this potentially cause a resolution outage, or would a BIND
server adjust and re-query in order to obtain a usable result?
3. Is the BIND server non-compliant, or the likely Microsoft DNS
non-compliant, to an RFC?
4. How would I explain such an issue to a name server operator who I do
I appreciate any guidance provided. I apologies in advance if I violated
any list policy. Thanks for any assistance.
 FORMERR from Microsoft DNS Server for DIG. Posted January 20,
2017 at 11:18 PM MST by Kevin Locke
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations