DNS Query Returns Reply Code: Format Error

This is a strange problem: after updating BIND this time, DNS queries suddenly failed. I could not find the reason. I originally thought it was a NAT problem, because it failed for all other domains but the intranet domain. So I captured packets to observe it and eventually found the root cause: the DNS server replied to me with Format Error.

The DNS server is an intranet DNS server, and it uses BIND's domain name forwarding function to get domain names from an intranet server. I suppose that one is an old DNS server, so something went wrong. After analyzing the packet format of the good and failing packets, the result was interesting: the failing packet has DNS Cookies.

Fail Query Packet

Good Query Packet

The root cause might be that BIND enables DNS Cookies by default from 9.11.0 on. But my previous BIND version was 9.11.x, which I suppose already had cookies enabled.

The solution is to disable cookies: modify the BIND configuration file and add send-cookie no to the options section. It works.
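The comparison between the good and failing packets can be scripted. The following is an added example, not code from the original post: it parses raw DNS messages, reports the reply code, and extracts the EDNS COOKIE option (option code 10 inside the OPT record, type 41). The function names and the sample packets are constructed for illustration.

```python
import struct

OPT_RR_TYPE = 41      # EDNS(0) OPT pseudo-record (RFC 6891)
COOKIE_OPTION = 10    # DNS COOKIE option code (RFC 7873)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:      # compression pointer ends the name
            return off + 2
        off += 1 + length

def inspect(msg):
    """Return (is_response, rcode, cookie bytes or None) for a raw DNS message."""
    _id, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE + QCLASS
    cookie = None
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if rtype == OPT_RR_TYPE:               # walk the EDNS options
            pos, end = off, off + rdlen
            while pos + 4 <= end:
                code, olen = struct.unpack_from("!HH", msg, pos)
                if code == COOKIE_OPTION:
                    cookie = msg[pos + 4:pos + 4 + olen]
                pos += 4 + olen
        off += rdlen
    return bool(flags & 0x8000), flags & 0x000F, cookie

def build_query(name, cookie=None):
    """Constructed sample: A query with an OPT record, optionally with a cookie."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    opt_data = struct.pack("!HH", COOKIE_OPTION, len(cookie)) + cookie if cookie else b""
    opt = b"\x00" + struct.pack("!HHIH", OPT_RR_TYPE, 4096, 0, len(opt_data)) + opt_data
    return struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 1) + qname + struct.pack("!HH", 1, 1) + opt

good = build_query("example.com")
fail = build_query("example.com", cookie=bytes.fromhex("0011223344556677"))
# Constructed reply from a server that rejects the query: QR=1, RCODE=1 (Format Error).
formerr = struct.pack("!6H", 0x1234, 0x8101, 0, 0, 0, 0)

print(inspect(good), inspect(fail), inspect(formerr))
```

Feeding it the UDP payloads from a real capture shows at a glance whether outgoing queries carry a cookie and whether the upstream server answers them with reply code 1.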

DNS Cookies in BIND 9.10 and 9.11
