SERVFAIL
mirazsarker opened this issue · 1 comments
mirazsarker commented
I am facing this
root@vmi697131:/zdns# echo "199.59.243.200" | ./zdns alookup
{"name":"199.59.243.200","status":"SERVFAIL","timestamp":"2022-06-02T19:47:14+02:00"}
root@vmi697131:/zdns# echo "censys.io" | ./zdns mxlookup --ipv4-lookup
{"name":"censys.io","status":"SERVFAIL","timestamp":"2022-06-02T19:50:40+02:00"}
PenelopeFudd commented
I'm getting SERVFAIL too.
I figured out why:
- If not specified, zdns uses the nameserver listed in the file /etc/resolv.conf
- On Ubuntu 18.04 and 20.04, that is 127.0.0.53, the address of the systemd resolver called systemd-resolved.
- When zdns sends a request to 127.0.0.53, it should use the source IP address 127.0.0.1, but instead uses the default address for the machine.
- systemd-resolved generates the following error and returns the SERVFAIL message to zdns:
# journalctl -u systemd-resolved | grep Got | tail -n1
Nov 03 12:17:26 ns3.example.com systemd-resolved[508]: Got packet on unexpected IP range, refusing.
- systemd-resolved is expecting the source IP to be in the range 127.0.0.0 to 127.255.255.255 (127.0.0.1/8).
Solutions:
- Tell zdns to use the local address 127.0.0.1:
zdns -local-addr 127.0.0.1 ......
- Tell zdns to use another name server:
zdns -name-servers 8.8.8.8 .....
- Tell systemd-resolved to allow that IP?
- Use some iptables rules to change the source IP?
- Update zdns to use the IP address of the interface it's using?
- This may already be fixed in the current version of zdns, I haven't checked.
Good luck!
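
A pre-flight check for the situation described in the comment above, as an added example (not part of the original thread and not zdns code). The function names are hypothetical; the `-local-addr` flag and the log message are the ones quoted in the comment.

```shell
# Added example. Decide whether zdns needs a loopback source address, based on
# the first "nameserver" entry of a resolv.conf-style file, and count the
# refusals that systemd-resolved has logged.

# first_nameserver FILE: print the first nameserver address in FILE.
# Comment lines ("#" or ";") never have "nameserver" as first field.
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# is_loopback_v4 ADDR: succeed if ADDR lies in 127.0.0.0/8.
is_loopback_v4() {
    case "$1" in
        127.*.*.*) return 0 ;;
        *)         return 1 ;;
    esac
}

# zdns_resolver_args [FILE]: print the extra zdns arguments to use.
# Prints nothing when the resolver is not a loopback stub.
zdns_resolver_args() {
    conf="${1:-/etc/resolv.conf}"
    ns="$(first_nameserver "$conf")"
    if [ -z "$ns" ]; then
        echo "no nameserver entry found in $conf" >&2
        return 1
    fi
    if is_loopback_v4 "$ns"; then
        # Loopback stub such as systemd-resolved on 127.0.0.53:
        # the query must also come from a loopback source address.
        echo "-local-addr 127.0.0.1"
    fi
}

# count_refusals: read journal text on stdin and print how many queries
# systemd-resolved refused because of their source address.
count_refusals() {
    grep -c 'systemd-resolved.*Got packet on unexpected IP range, refusing' || true
}

# Usage on a real host (commands taken from the thread):
#   echo "censys.io" | ./zdns mxlookup $(zdns_resolver_args)
#   journalctl -u systemd-resolved | count_refusals
```

A non-zero count from `count_refusals` together with a loopback entry in `/etc/resolv.conf` matches the cause given in the comment.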