wpad.dat in Apache error log

OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

Thanks for reply wblock:
named is not enabled on the server.
Code:
named_enable="NO"  # Run named, the DNS server (or NO).

[CMD="dig"]wpad.my_fqdn.com[/CMD]

Code:
; <<>> DiG 9.6.-ESV-R3 <<>> wpad.my_mqdn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14975
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;wpad.my_mqdn.com.               IN      A

;; ANSWER SECTION:
wpad.my_mqdn.com.        6782    IN      A       My server IP ***.***.***.***

;; Query time: 45 msec
;; SERVER: 68.87.77.130#53(68.87.77.130)
;; WHEN: Fri Nov 25 09:31:25 2011
;; MSG SIZE  rcvd: 49

Also tried:
[CMD="dig"]@68.87.77.130 wpad.my_fqdn.com[/CMD]

Code:
; <<>> DiG 9.6.-ESV-R3 <<>> @68.87.77.130 wpad.my_fqdn.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3339
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;wpad.my_fqdn.com.               IN      A

;; ANSWER SECTION:
wpad.my_fqdn.com        7200    IN      A       My server IP ***.***.***.***

;; Query time: 103 msec
;; SERVER: 68.87.77.130#53(68.87.77.130)
;; WHEN: Fri Nov 25 09:38:28 2011
;; MSG SIZE  rcvd: 49

and then for the heck of it:
[CMD="dig"]@68.87.77.130 different.my_fqdn.com[/CMD]

Code:
; <<>> DiG 9.6.-ESV-R3 <<>> @68.87.77.130 different.my_fqdn.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59095
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;different.my_fqdn.com.          IN      A

;; ANSWER SECTION:
different.my_fqdn.com.   7200    IN      A       My server IP ***.***.***.***

;; Query time: 66 msec
;; SERVER: 68.87.77.130#53(68.87.77.130)
;; WHEN: Fri Nov 25 09:40:28 2011
;; MSG SIZE  rcvd: 54

What this tells me I do not know. Is the information useful?

My registrar for domain name is Network Solutions and I can not find anything in the configuration section or elsewhere that has anything to do with wpad.
 

wblock@

Beastie Himself
Developer

Reaction score: 3,732
Messages: 13,851

adriftinitland said:
Thanks for reply wblock:
named is not enabled on the server.
Code:
named_enable="NO"  # Run named, the DNS server (or NO).

That's from /etc/defaults/rc.conf. Those are defaults, and should not be changed. If you were to set
Code:
named_enable="YES"
in /etc/rc.conf (overriding the default), then named would run.

Anyway, it's /etc/rc.conf that's important.

(Note: the parameter in the cmd tag is for a prompt. The command itself goes between the tags.)

[CMD="dig"]wpad.my_fqdn.com[/CMD]

Code:
; <<>> DiG 9.6.-ESV-R3 <<>> wpad.my_mqdn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14975
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;wpad.my_mqdn.com.               IN      A

;; ANSWER SECTION:
wpad.my_mqdn.com.        6782    IN      A       My server IP ***.***.***.***

;; Query time: 45 msec
;; SERVER: 68.87.77.130#53(68.87.77.130)
;; WHEN: Fri Nov 25 09:31:25 2011
;; MSG SIZE  rcvd: 49

If the name wasn't found, you'd get a status: NXDOMAIN message. But instead it says, "sure, I've got that name and address, here it is."

You should also get an AUTHORITY section that shows who is authoritative for those addresses. (Hint: worldnic.com is Network Solutions.) So log in to their web interface or contact them and have them remove the wpad entry.
 
OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

wblock: Thanks again.
Not enabled in /etc/rc.conf.

I can do this:
So log in to their web interface or contact them and have them remove the wpad entry.

But my question is, I get the same response to each of the three inquiries so how do I know there is an entry for wpad? Wouldn't there have to be an entry for
Code:
different.my_fqdn.com
as well?

I am confused as you can tell.
 

wblock@

Beastie Himself
Developer

Reaction score: 3,732
Messages: 13,851

Are you saying different.my_fqdn.com doesn't actually exist? So these return results instead of a "cannot resolve" error?
Code:
% ping obviouslyfake.my_fqdn.com
% ping notreallythere.my_fqdn.com
% ping neverdefined.my_fqdn.com

Wildcard DNS?
 
OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

wblock:

The only thing that exists is
Code:
my_fqdn.com

there is no
Code:
wpad.my_fqdn.com
or
Code:
different.my_fqdn.com
etc. etc.
 
OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

Yes, they return results:

[CMD="ping"]obviouslyfake.my_fqdn.com[/CMD]

Code:
PING obviouslyfake.my_fqdn.com (my_ip: ***.***.***.***): 56 data bytes
64 bytes from my_ip: ***.***.***.***: icmp_seq=0 ttl=64 time=1.023 ms
64 bytes from my_ip: ***.***.***.***: icmp_seq=1 ttl=64 time=1.126 ms
64 bytes from my_ip: ***.***.***.***: icmp_seq=2 ttl=64 time=1.124 ms
64 bytes from my_ip: ***.***.***.***: icmp_seq=3 ttl=64 time=1.126 ms
64 bytes from my_ip: ***.***.***.***: icmp_seq=4 ttl=64 time=1.124 ms
--- obviouslyfake.my_fqdn.com ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 1.023/1.105/1.126/0.041 ms


[CMD="ping"]my_fqdn.com[/CMD]
Code:
PING localhost (192.168.1.10): 56 data bytes
64 bytes from 192.168.1.10: icmp_seq=0 ttl=64 time=0.041 ms
64 bytes from 192.168.1.10: icmp_seq=1 ttl=64 time=0.033 ms
64 bytes from 192.168.1.10: icmp_seq=2 ttl=64 time=0.029 ms
64 bytes from 192.168.1.10: icmp_seq=3 ttl=64 time=0.027 ms
64 bytes from 192.168.1.10: icmp_seq=4 ttl=64 time=0.027 ms
--- localhost ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.027/0.031/0.041/0.005 ms
 

wblock@

Beastie Himself
Developer

Reaction score: 3,732
Messages: 13,851

Yes, that's wildcard DNS. Maybe the previous admin set that up.
 
OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

After weeks of trying I have no solution to the problem of the error messages for wpad.dat in my error_log file:
Code:
File does not exist
This creates huge log files so I have decided to try and filter out this particular error message so it doesn't continue to bloat the error logs. If you can point me in the right direction to do that please let me know.
 

wblock@

Beastie Himself
Developer

Reaction score: 3,732
Messages: 13,851

What happened with the effort to get the wildcard DNS turned off?
 
OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

Thanks for your reply wblock. I apologize. I did not know the goal was to turn off wildcard DNS. However, I am at a loss on how to accomplish that. I do not have bind installed on my server.
 
OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

wblock:
I have delete this dns record:
Code:
* (all others) .mfqdn.com 7200
Will that cure the error_log problem?
 

wblock@

Beastie Himself
Developer

Reaction score: 3,732
Messages: 13,851

As soon as the DNS records propagate, whatever is trying to query wpad.my_mqdn.com will not be able to resolve that. So it *should* stop.
 
OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

Hallelujah!
That appears to have worked. No more wpad.dat errors in the error_log. I can hardly believe it but I am extremely grateful. Thank you wblock.

An interesting side effect. I was unable to send or receive mail through the server after the DNS A record change. I got it working again by changing my email program settings to
Code:
mfqdm.com
from
Code:
pop3.mfqdn.com
and to
Code:
mfqdn.com
from
Code:
smtp.mfqdn.com

Why that change was required I do not understand but it doesn't seem right.
 

DutchDaemon

Administrator
Staff member
Administrator
Moderator
Developer

Reaction score: 3,183
Messages: 11,426

I'm assuming then that pop3.mfqdn.com = smtp.mfqdn.com = mfqdn.com? Either give them all the same A record, or give the other two CNAME records to mfqdn.com.
 

wblock@

Beastie Himself
Developer

Reaction score: 3,732
Messages: 13,851

Yes, add DNS entries for pop3 and smtp. And that neatly explains what was going on. Whoever set up the domain initially saved themselves a tiny bit of time by using wildcard DNS. That time saved was really at the expense of the people who would have to work on it later. Just another lesson that even trivial things ought to be done right, because later they might become nontrivial.
 
OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

wblock thanks!

I think I have the mx records correct. Might take a few hours to tell for sure. I'll report back.
 
OP
A

adriftinitland

Member

Reaction score: 1
Messages: 57

Thanks wblock!
Everything is functioning as expected. My server's error_log is back to a reasonable size. There are no longer thousands of wpad.dat error messages everyday. Mail server is fine. Life is good.
Again, thank you and Happy Holidays!
 
Top