Today, a fax machine at the office started complaining that it couldn’t send emails. No useful error messages or anything…

After some digging it turns out the fax machine was getting SERVFAIL from the name server. This nameserver carries slaved zones for certain domains used for critical infrastructure, and it turns out there was a problem getting updates from upstream.

Unfortunately the error message was not very helpful:

Mar 11 11:16:04 ns3 named[4180]: transfer of '' from failed while receiving responses: CNAME and other data
Mar 11 11:16:04 ns3 named[4180]: transfer of '' from end of transfer

After a little digging I found a useful command installed by the bind package: named-checkzone

This command made it easy to see where the error came from. First I grabbed the zone using dig with the axfr option:

dig axfr > /root/

Next I used named-checkzone to parse the zone and reveal the problem:

named-checkzone -d /root/

… which returned the following….

loading "" from "/root/" class "IN"
dns_master_load: /root/ CNAME and other data
zone loading master file /root/ CNAME and other data

Looking at line 69 in the zone file revealed the problem – there was an Address and CNAME record for the same resource Two minutes later the problem was fixed.


Leave a Reply

Your email address will not be published. Required fields are marked *