DNS Question...

[FBSDin20Steps]

Hi all,

I was browsing through my logs and I found this entry in /var/log/auth.log

Feb  7 12:57:14 centiger firefox-bin: gethostby*.getanswer: asked for "simon.nitro.dk IN AAAA", got type "SOA"

Can someone please explain in short terms what this mean?

 

[DutchDaemon]

Do you have any special settings in unbound (like local-zone or local-data)?

 

[FBSDin20Steps]

Not that I know of...

 

[DutchDaemon]

It basically means that a DNS lookup resulted in a reply that differs from the expected one. E.g I use unbound as my resolver, and I have certain DNS zones I do not want any contact with, so I redirected them to a local zone with fake data. Whenever I (or my web browser) tries to resolve a hostname in a zone like that, I get a similar log line, like:

Feb 14 02:16:12 box firefox-bin: gethostby*.getanswer: asked for "ad.doubleclick.net", got "doubleclick.net"

In your case, you asked for an AAAA record (IPv6 A record) and got a SOA record (Start of Authority) back. This may have been a temporary failure in that zone's ACLs (telling you to look elsewhere).

 

[FBSDin20Steps]

Thanks for the clear explanation. Funny this is I've never seen this before in my logs. Suspicious as I am... I can ignore this?

 

[DutchDaemon]

Yeah, it looks like a freak occurrence.

 

[FBSDin20Steps]

LOL Maybe Simon is trying to tell me something... :e
Well, anyway. Thanks Dutch

 

[jamaroney]

I'm resuming this old thread because I have the same problem.

Starting a couple of weeks ago, I started getting this message many times every day:

transmission-daemon 99225 - - gethostby*.getanswer: asked for "opentracker.i2p.rocks IN AAAA", got type "SOA"

What's going on? Is there anything I can do to prevent this?

 

[jbo@]

I'm resuming this old thread because I have the same problem.

How about creating a new topic and referencing this one instead?
It has been 14 years.