[dnscap-users] dnscap returns "Message too long"
Shawn Zhou
shawnzhou00 at yahoo.com
Wed Feb 24 21:52:17 UTC 2016
Have anyone seen "Message too long" in dnscap output before?I wonder where dnscap gets "Message too long" from.
>From dnscap:[179] 2016-02-24 18:49:13.195337 [#5936 "some interface" 4095] \ [10.145.50.95].53 [10.73.201.188].10074 \ dns QUERY,NOERROR,52303,qr|rd|ra \ 1 pixel2368.everesttech.net,IN,AAAA \ 1 pixel2368.everesttech.net,IN,CNAME,64,tp00.everesttech.net.akadns.net \ 1 akadns.net,IN,SOA,19,internal.akadns.net,hostmaster.akamai.com,1456339592,90000,90000,90000,180 0[513] 2016-02-24 18:49:13.195401 [#5937 "some interface" 4095] \ [10.145.50.95].53 [10.73.201.188].23275 \ dns Message too long[73] 2016-02-24 18:49:13.195566 [#5938 "some interface" 4095] \ [216.145.54.155].26802 [10.145.50.95].53 \ dns QUERY,NOERROR,62586,rd \
tcpdump did show that 10.145.50.95 sent the response to 10.73.201.188:18:49:13.195291 IP 10.73.201.188.10074 > 10.145.50.95.53: 52303+ AAAA? pixel2368.everesttech.net. (43)18:49:13.195294 IP 10.145.50.95.53 > 10.73.201.188.51695: 37426 10/10/2 CNAME akamai-pixel.quantserve.com.akadns.net., CNAME px-lax007.quantserve.com.akadns.net., A 64.95.32.44, A 64.95.32.36, A 64.95.32.22, A 64.95.32.23, A 64.95.32.29, A 64.95.32.39, A 64.95.32.47, A 64.95.32.34 (498)18:49:13.195299 IP 10.145.50.95.53 > 10.73.201.188.27723: 63678 2/1/0 CNAME akamai-pixel.quantserve.com.akadns.net., CNAME px-lax007.quantserve.com.akadns.net. (177)18:49:13.195337 IP 10.145.50.95.53 > 10.73.201.188.10074: 52303 1/1/0 CNAME tp00.everesttech.net.akadns.net. (151)18:49:13.195401 IP 10.145.50.95.53 > 10.73.201.188.23275: 58794 2/10/10 CNAME tp00.everesttech.net.akadns.net., A 192.243.232.36 (485)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dnscap-users/attachments/20160224/b8cfa4c9/attachment.html>
More information about the dnscap-users
mailing list