or, Shit Named Says
server named[$PID]: dispatch $HEXVALUE: shutting down due to TCP receive error: $IPADDRESS#53: connection reset
Consensus seems to be:
- remote nameserver is responding to the UDP query with a corrupt packet;
- our named then repeats the query using TCP;
- remote named refuses TCP query.
Note that $IPADDRESS is not necessarily either the target remote name server OR the address being queried.
(source)
Nov 1 13:29:38 server named[1007]: network unreachable resolving '$NAME/AAAA/IN': 2001:500:1::803f:235#53
Named is trying to look up IPv6 addresses because something (probably a web browser) is trying to prefer IPv6 because it is the way of the future (Firefox, I'm looking at you).
Solution: start up named with the -4 parameter which tells it to ignore IPv6. In CentOS 6, this is accomplished by adding the line
...to the file /etc/sysconfig/named
Feb 22 04:40:10 server named[15967]: success resolving '$ZONE/TXT' (in '$ZONE'?) after reducing the advertised EDNS UDP packet size to 512 octets
This is the leading edge of chaos. BIND makes EDNS queries (which are related to DNSSEC) to ALL remote nameservers, even if DNSSEC is not indicated. Some remote servers can't deal with this, causing our nameserver to log this error.
Solution: don't log that message. Turn it off like so:
logging {
    category lame-servers { null; };
    category edns-disabled { null; };
};
(Source)
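Before sending those categories to null, it is worth counting how often each of the three messages above shows up and which remote address or query is behind it. The following is an added example, not part of the original post; the patterns follow the log lines quoted above, and the sample lines are constructed with documentation addresses and names.

```python
import re
from collections import Counter

# Patterns for the three named messages quoted on this page.
NAMED = re.compile(r"\bnamed\[\d+\]: (?P<msg>.*)$")
PATTERNS = {
    "tcp-receive-error": re.compile(
        r"dispatch \S+: shutting down due to TCP receive error: "
        r"(?P<peer>\S+)#\d+: (?P<detail>.+)$"),
    "network-unreachable": re.compile(
        r"network unreachable resolving '(?P<query>[^']+)': (?P<peer>\S+)#\d+"),
    "edns-size-reduced": re.compile(
        r"success resolving '(?P<query>[^']+)' .*after reducing the advertised "
        r"EDNS UDP packet size to (?P<size>\d+) octets"),
}

def classify(line):
    """Return (kind, fields) for a syslog line from named, or None otherwise."""
    m = NAMED.search(line)
    if not m:
        return None
    for kind, pat in PATTERNS.items():
        hit = pat.search(m.group("msg"))
        if hit:
            return kind, hit.groupdict()
    return "other", {}

def summarize(lines):
    """Count message kinds, and (kind, remote peer or query) pairs."""
    kinds, keys = Counter(), Counter()
    for line in lines:
        res = classify(line)
        if res is None:
            continue
        kind, f = res
        kinds[kind] += 1
        if f:
            keys[(kind, f.get("peer") or f.get("query"))] += 1
    return kinds, keys

# Constructed sample lines (not real logs).
SAMPLE = [
    "Nov  1 13:29:38 server named[1007]: network unreachable resolving 'www.example.com/AAAA/IN': 2001:db8::53#53",
    "Nov  1 13:29:39 server named[1007]: network unreachable resolving 'ns.example.com/AAAA/IN': 2001:db8::53#53",
    "Nov  1 13:30:02 server named[1007]: dispatch 0x7f3a1c0: shutting down due to TCP receive error: 192.0.2.10#53: connection reset",
    "Feb 22 04:40:10 server named[15967]: success resolving 'example.net/TXT' (in 'example.net'?) after reducing the advertised EDNS UDP packet size to 512 octets",
    "Feb 22 04:41:00 server named[15967]: zone example.org/IN: loaded serial 2024010101",
    "Feb 22 04:41:05 server sshd[222]: Accepted publickey for admin",
]
```

Calling `summarize(open("/var/log/messages"))` (path is an assumption for a CentOS-style host) returns the two counters; a single peer dominating the counts points at one broken remote server rather than a local problem.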