[Pdns-users] PowerDNS Recursor: McAfee-related errors in your log files
Curtis Maurand
curtis at maurand.com
Wed Dec 8 14:05:24 UTC 2010
You might try posting a message to the nanog list.
--Curtis
On 12/8/2010 7:43 AM, bert hubert wrote:
> Dear PowerDNS Recursor users,
>
> If you have McAfee users among your client base, you may currently be seeing
> errors like these in your log file:
>
> pdns_recursor[4024]: DNS parser error:
> 0.xx-xxxxxxxxx.xxxxxx.1xxx.xxxx.xxxx.xxx.x.xxxxxxxxxxxxxxxxxxxxxxxxxx.avqs.mcafee.com.,
> Parsing record content: expected digits at position 9 in
> '\# 45 0000000000000000000000000000000000000000000000000000000000000000000000000000093a8000000258'
>
> These errors are harmless to your general Recursor operations, but the
> McAfee program generating these queries will be reporting timeouts to your
> end-users.
>
> The root cause of this error is a protocol violation by the McAfee
> nameserver software. We are attempting to contact McAfee so that they can
> become aware of this error. In short, they are emitting answers in 'CLASS0'
> instead of in 'CLASS IN'.
>
> This causes PowerDNS to log the scary errors reported above. Additionally,
> it crashes many versions of 'dig'.
>
> We are attempting to contact McAfee. If you know anyone in a DNS position
> there, please let me know. In the meantime, if you want to get rid of this
> error and you can recompile your PowerDNS Recursor, you can use:
>
> Index: dnsparser.cc
> ===================================================================
> --- dnsparser.cc (revision 1745)
> +++ dnsparser.cc (working copy)
> @@ -246,6 +246,8 @@
> dr.d_ttl=ah.d_ttl;
> dr.d_type=ah.d_type;
> dr.d_class=ah.d_class;
> + if(dr.d_class == 0)
> + dr.d_class = 1;
>
> dr.d_label=label;
> dr.d_clen=ah.d_clen;
>
> Kind regards,
>
> Bert Hubert
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
More information about the Pdns-users
mailing list