Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
ericroot2014-10-14 10:08:34
Domain Name System
ericroot, 2014-10-14 10:08:34

Nxdomain and mismatch responses, how to distinguish and get rid of?

Hello.
It so happened that the responsibility for the DNS server fell on me.
There were a lot of questions, unfortunately, hands have not yet reached the DNS and BIND book.
I would like to clarify what nxdomain and mismath responses are and how they are reflected in the logs?
Here is the graph: prntscr.com/4w0j50
from 20:00 to 0:00
Mismatch peaks are visible on it
. And here is the log: pastebin.com/MZ8GS6vU
At peak times, similar requests are visible in the logs, requests for non-existent subdomains:

Oct 13 23:20:20 ns1 named[1893]: DNS format error from 193.227.240.39#53 resolving mnozhemizw.ru/AAAA for client 10.32.18.27#60499: Name . (SOA) not subdomain of zone mnozhemizw.ru -- invalid response
Oct 13 23:20:20 ns1 named[1893]: DNS format error from 193.227.240.40#53 resolving hopmisterv.ru/AAAA for client 10.32.18.27#59374: Name . (SOA) not subdomain of zone hopmisterv.ru -- invalid response
Oct 13 23:20:20 ns1 named[1893]: DNS format error from 193.227.240.39#53 resolving hopmisterv.ru/AAAA for client 10.32.18.27#59374: Name . (SOA) not subdomain of zone hopmisterv.ru -- invalid response

But there are also such requests in the logs that there is no answer:
Oct 13 20:00:02 ns1 named[1893]: DNS format error from 96.46.150.36#53 resolving p1024.papi.cddbp.net/AAAA for client 10.32.57.221#33795: reply has no answer
Oct 13 20:00:02 ns1 named[1893]: DNS format error from 208.72.242.170#53 resolving p1024.papi.cddbp.net/AAAA for client 10.32.57.221#33795: reply has no answer
Oct 13 20:00:02 ns1 named[1893]: DNS format error from 96.46.150.37#53 resolving p1024.papi.cddbp.net/AAAA for client 10.32.57.221#33795: reply has no answer
Oct 13 20:00:03 ns1 named[1893]: DNS format error from 209.10.41.188#53 resolving p1024.papi.cddbp.net/AAAA for client 10.32.57.221#33795: reply has no answer
Oct 13 20:00:03 ns1 named[1893]: DNS format error from 209.10.41.187#53 resolving p1024.papi.cddbp.net/AAAA for client 10.32.57.221#33795: reply has no answer
Oct 13 20:00:07 ns1 named[1893]: DNS format error from 96.46.150.37#53 resolving p1024.papi.cddbp.net/AAAA for client 10.32.57.221#33795: reply has no answer

Which one is nxdomain and which one is mismatch?
Please do not attack immediately with messages to Google. It works, I'm not banned there. Would love to get advice from those in the know.
Also, how dangerous and harmful is it for the DNS server? I believe these are viruses in clients.
More requests can be seen that ipv6 (AAAA), but there is no support for ipv6 on the DNS.
Server config, not configured by me:
pastebin.com/WXvgqzYR
ipv6 is disabled in sysconfig at startup.
bind version 9.9.5

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
K
konfetolog2013-11-19 21:10:01
What happens to a domain during a registrar change? 2Reply
S
Sergey Mushtuk2013-11-20 15:59:11
How to make a 301 redirect for all IPs except your own? 2Reply
M
michaelvasilchenko2018-07-19 15:07:37
How to create an A record within a domain so as not to violate the integrity of all zones? 2Reply
M
MadRat2013-11-28 00:35:40
How to block multiple websites with Bind10? 2Reply
D
Daniil Igorevich2016-03-06 14:16:34
What's the problem with loading tasks? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question