LinkBack URL
About LinkBacksIt sounds like a name server that has been added to DNS as a name server and it either never was a name server or has changed IP address so that it no longer matches its host record.
What is Lame Nameserver
It sounds like a name server that has been added to DNS as a name server and it either never was a name server or has changed IP address so that it no longer matches its host record.
A lame server is one listed as authoritive (as in, it's listed as a nameserver in the domain record) but when queried, it responds as non-authoritive. Nothing you can do about it, and it's not very important.
if you want to stop logging the errors
pico /etc/named.conf
Find this section, at the top;
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
After it add;
logging {
category notify { null; };
category lame-servers { null; };
};
Absolutely what dalem said, not gopal.
Jonathan Michaelson
Need your cPanel servers secured and tuned?
cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
http://www.configserver.com
Really?A lame server is one listed as authoritive (as in, it's listed as a nameserver in the domain record) but when queried, it responds as non-authoritive. Nothing you can do about it, and it's not very important.
In my circumstance, I run primary dns on my server and secondary is provided by my NOC on another server. When I set up a new domain on my server, I submit email, domain, IP to the secondary and it gets the zone file from me. For the most part this works fine. Occasionally for no apparent reason, a domain on the secondary will report as lame.
Not knowing any better, and as this is the only scary looking 'fail' when running a domain through dnsreport.com, I have a support ticket in with my NOC at the moment. If there's nothing to be done about it, and it's not that important, maybe I should leave him alone
Still, pretty curious as to why this would happen to begin with? Especially given a recent case where I setup domain.com, domain.ca, and domain.net all in an identical fashion within a few minutes of each other and 2 of the 3 are fine, while the 3rd reports lame nameserver on the secondary.
It would mean that your secondary nameserver did not respond to the lookup request and is lame, for that domain anyway. Run dig against it and see for yourself. Lame means another server is attampting to query a dns server that has no clue what to tell you becuase it's not authoratative for that domain. You noc running the ns2 for you maybe dropped the ball or their system didn't refresh fast enough for you.Originally Posted by verdon
Really?
In my circumstance, I run primary dns on my server and secondary is provided by my NOC on another server. When I set up a new domain on my server, I submit email, domain, IP to the secondary and it gets the zone file from me. For the most part this works fine. Occasionally for no apparent reason, a domain on the secondary will report as lame.
Not knowing any better, and as this is the only scary looking 'fail' when running a domain through dnsreport.com, I have a support ticket in with my NOC at the moment. If there's nothing to be done about it, and it's not that important, maybe I should leave him alone
Still, pretty curious as to why this would happen to begin with? Especially given a recent case where I setup domain.com, domain.ca, and domain.net all in an identical fashion within a few minutes of each other and 2 of the 3 are fine, while the 3rd reports lame nameserver on the secondary.
Just keeping my "eye" on things....
R. Paul Mathews
RPMWS - diehard cPanel Nutcase
What rpmws said. When dalem said that there was "nothing you could do about it", he was referring to lame servers that are not under your control, i.e. for domains that you don't own. If you get lame server responses for your own servers then you need to resolve them otherwise people aren't getting to your server.
Jonathan Michaelson
Need your cPanel servers secured and tuned?
cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
http://www.configserver.com
Maybe somebody could help me understand these results...
When I use dnsreport.com to test the domain, I get...
Note: it is the secondary from my noc that failsFAIL
Lame nameservers
ERROR: You have one or more lame nameservers. These are nameservers that do NOT answer authoritatively for your domain. This is bad; for example, these nameservers may never get updated. The following nameservers are lame:
xxx.xx.xxx.xx
When I dig the secondary nameserver...
When I dig the primary I get...verdonsPB:~ verdon$ dig @ns2.mynoc.net mydomain.com
; <<>> DiG 9.2.2 <<>> @ns2.mynoc.net mydomain.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12861
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;mydomain.com. IN A
;; ANSWER SECTION:
mydomain.com. 14400 IN A xx.xx.xxx.xx
;; AUTHORITY SECTION:
mydomain.com. 107435 IN NS ns1.myserver.ca.
mydomain.com. 107435 IN NS ns2.mynoc.net.
;; ADDITIONAL SECTION:
ns1.myserver.ca. 14400 IN A xx.xx.xxx.xx
ns2.mynoc.net. 2600 IN A xxx.xx.xxx.xx
;; Query time: 204 msec
;; SERVER: xxx.xx.xxx.xx#53(ns2.mynoc.net)
;; WHEN: Tue Feb 8 08:55:59 2005
;; MSG SIZE rcvd: 169
My NOC did manually refresh the zone file recently because there was SOA disagreement in the serial#. That fixed the problems my client was having with the domain, but I think that was a band-aid.verdonsPB:~ verdon$ dig @ns1.myserver.ca mydomain.com
; <<>> DiG 9.2.2 <<>> @ns1.myserver.ca mydomain.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44196
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;mydomain.com. IN A
;; ANSWER SECTION:
mydomain.com. 14400 IN A xx.xx.xxx.xx
;; AUTHORITY SECTION:
mydomain.com. 14400 IN NS ns1.myserver.ca.
mydomain.com. 14400 IN NS ns2.mynoc.net.
;; ADDITIONAL SECTION:
ns2.mynoc.net. 7505 IN A xxx.xx.xxx.xx
ns1.myserver.ca. 14400 IN A xx.xx.xxx.xx
;; Query time: 61 msec
;; SERVER: xx.xx.xxx.xx#53(ns1.myserver.ca)
;; WHEN: Tue Feb 8 09:05:24 2005
;; MSG SIZE rcvd: 147
Since the creation of lame nameserver records on my secondary seems random, should I try just having them deleted on the secondary and re-created altogether?
Maybe I am wrong but I think a lame result usually means that the answering nameserver has no record. At least in my case it has meant that. I am not sure what a "lame" record would be unless it pointed SOA to another source?
Just keeping my "eye" on things....
R. Paul Mathews
RPMWS - diehard cPanel Nutcase
Reply With Quote