Hello! How are you? I started having a problem with BIND9. Something must have changed, because I start getting SERVFAIL a lot. Looks like this: 25-Jul-2018 07:44:09.647 client @0x7fa268223c10 192.168.78.30#56577 ( aax-eu.amazon-adsystem.com): view internal-enp1s0f3: query failed (SERVFAIL) for aax-eu.amazon-adsystem.com/IN/AAAA at ../../../bin/named/query.c:6885 25-Jul-2018 07:44:09.647 client @0x7fa2380e1ea0 192.168.81.30#41771 ( aax-eu.amazon-adsystem.com): view internal-enp1s0f2: query failed (SERVFAIL) for aax-eu.amazon-adsystem.com/IN/AAAA at ../../../bin/named/query.c:6885 25-Jul-2018 07:44:09.647 client @0x7fa2440c7ef0 2001:470:1f1b:5b3::b4a#41516 (aax-eu.amazon-adsystem.com): view internal-enp1s0f3: query failed (SERVFAIL) for aax-eu.amazon-adsystem.com/IN/AAAA at ../../../bin/named/query.c:6885 25-Jul-2018 07:44:09.647 client @0x7fa2380e1ea0 192.168.81.30#41771 ( aax-eu.amazon-adsystem.com): view internal-enp1s0f2: query failed (SERVFAIL) for aax-eu.amazon-adsystem.com/IN/AAAA at ../../../bin/named/query.c:6885 25-Jul-2018 07:44:09.648 client @0x7fa2440c7ef0 2001:470:1f1b:5b3::b4a#41516 (aax-eu.amazon-adsystem.com): view internal-enp1s0f3: query failed (SERVFAIL) for aax-eu.amazon-adsystem.com/IN/AAAA at ../../../bin/named/query.c:6885 25-Jul-2018 07:44:09.648 client @0x7fa2340836e0 2001:470:1f1b:5b5::b4a#50353 (aax-eu.amazon-adsystem.com): view internal-enp1s0f2: query failed (SERVFAIL) for aax-eu.amazon-adsystem.com/IN/AAAA at ../../../bin/named/query.c:6885 25-Jul-2018 07:44:09.648 client @0x7fa2440c7ef0 2001:470:1f1b:5b5::b4a#50353 (aax-eu.amazon-adsystem.com): view internal-enp1s0f2: query failed (SERVFAIL) for aax-eu.amazon-adsystem.com/IN/AAAA at ../../../bin/named/query.c:6885
To me, it looks like, the requests try the AAAA ipv6 addresses but they are not in IPv6 and because of that it gives a SERVFAIL. Is there a way to give a priority to the BIND9 request before the IPv6 and first try the IPv4 and if there is no IPv4 result, then try IPv6. Because now, it gives a few SERVFAIL (I have to refresh the browser, to make it work to get), I guess, get the IPv4 if only works after a few refreshes. Even, if I do a dig on it iit shows, there is no AAAA: root@server:/etc/nginx/sites-enabled# dig aax-eu.amazon-adsystem.com ; <<>> DiG 9.11.3-2-Debian <<>> aax-eu.amazon-adsystem.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27021 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: e45e832118506bb5a0758eeb5b580e51c9b57c8a8d971011 (good) ;; QUESTION SECTION: ;aax-eu.amazon-adsystem.com. IN A ;; ANSWER SECTION: aax-eu.amazon-adsystem.com. 60 IN A 52.94.216.48 ;; AUTHORITY SECTION: aax-eu.amazon-adsystem.com. 860 IN NS ns-921.amazon.com. aax-eu.amazon-adsystem.com. 860 IN NS ns-911.amazon.com. aax-eu.amazon-adsystem.com. 860 IN NS ns-932.amazon.com. aax-eu.amazon-adsystem.com. 860 IN NS ns-931.amazon.com. aax-eu.amazon-adsystem.com. 860 IN NS ns-912.amazon.com. aax-eu.amazon-adsystem.com. 860 IN NS ns-923.amazon.com. ;; Query time: 52 msec ;; SERVER: 192.168.78.20#53(192.168.78.20) ;; WHEN: Wed Jul 25 07:44:49 CEST 2018 ;; MSG SIZE rcvd: 232 Is there any solution for this? It just started happening in the last week. *Patrik* WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> | NPM <https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com> | +36 20 342 8046
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
