Search Results

Search found 22 results on 1 pages for 'grs'.

Page 1/1 | 1 

  • Successful su for user by root in /var/log/auth.log

    - by grs
    I have this sorts of entries in my /var/log/auth.log: Apr 3 12:32:23 machine_name su[1521]: Successful su for user1 by root Apr 3 12:32:23 machine_name su[1654]: Successful su for user2 by root Apr 3 12:32:24 machine_name su[1772]: Successful su for user3 by root Situation: All users are real accounts in /etc/passwd; None of the users has its own crontab; All of those users are logged in the machine some time ago via SSH or No Machine - time varies from few minutes to few hours; no cron jobs are scheduled to run at that time, anacron is removed; I can see similar entries for other days and other times. The common part is the users are logged in when it appears. It does not appear during login, but some time afterwards. This machine has similar setup with few others but it is the only one where I see these entries. What causes them? Thanks

    Read the article

  • SSD for swap on Ubuntu server

    - by grs
    Currently I am reading SSD reviews and I wonder how much exactly I will benefit if I move the 24 GB swap from 7200rpm HDD to SSD. Does anyone implemented swap space on SSD? Is this generally good idea? On a side note: I read that ext4 has much better performance if the journal is on SSD. Anyone with such a setup? Thanks! Edit: Here I will answer the questions posted: Occasionally, relatively rare I am hitting the swap. I know what the swap is for and that is better to get more RAM. When the server begins to swap its performance degrades (not a surprise). The idea is if I have few memory hungry processes running, to improve the overall system performance at that time, using SSD for swap, instead of slower rotational media. At the end - I want to be able to login faster and check the server state during swapping, instead of waiting on the login prompt. And of what I see SSD is cheaper per GB than RAM. Would I have better server performance during swapping (as rare it is) using SSD compared to HDD? Where 10k or 15k rpm HDDs would rate in this scenario? Thank you all for your quick and prompt answers!

    Read the article

  • Get a queryset of objects through an intermediary model

    - by skyl
    I want get all of the Geom objects that are related to a certain content_object (see the function I'm trying to build at the bottom, get_geoms_for_obj() class Geom(models.Model): ... class GeomRelation(models.Model): ''' For tagging many objects to a Geom object and vice-versa''' geom = models.ForeignKey(Geom) content_type = models.ForeignKey(ContentType) object_id = models.PositiveIntegerField() content_object = generic.GenericForeignKey() def get_geoms_for_object(obj): ''' takes an object and gets the geoms that are related ''' ct = ContentType.objects.get_for_model(obj) id = obj.id grs = GeomRelation.objects.filter( content_type=ct, object_id=id ) # how with django orm magic can I build the queryset instead of list # like below to get all of the Geom objects for a given content_object geoms = [] for gr in grs: geoms.append(gr.geom) return set(geoms) # A set makes it so that I have no redundant entries but I want the # queryset ordering too .. need to make it a queryset for so many reasons...

    Read the article

  • facebook login in my application

    - by sravan-grs
    how to enter in my application by checking userid and password of facebook. i used . but html is supporting that button and facebook login page is opening but after entering the id and password, its not going to myhome.aspx page. please help me

    Read the article

  • DNS lookup of GTLD servers using dig

    - by iamrohitbanga
    I ran the following command on linux >> dig . I got the following response ;; AUTHORITY SECTION: . 281 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2010032400 1800 900 604800 86400 why does the response not contain the IP address of the root server? what do the numbers at the end of the reply mean. one of them is probably (definitely) the date. why does it report 2 root servers a.root and nstld.verisign? when i send the following queries dig com. ;; AUTHORITY SECTION:com. 51 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1269425283 1800 900 604800 86400 again i do not get the ip addresses. when i query for the gtld server specified i can get the ip address. why is the response of dig net. same as that of dig com. except that instead of 51 we have 19 in the response.

    Read the article

  • DNS something is wrong?

    - by Nickolas R.
    Hello I am configuring bind9 on a server with two network interfaces, one is connected to the LAN and the other is connected to the Internet through NAT so bind is not faced directly to the Internet. Everything seems to work fine, clients can do both forward and reverse lookups but somethings seems strange. On the server if i try to ping www.google.com one time, a great amount of network activity is genereated, alot more that one would expect so i decided to sniff the traffic with tcpdump. When loading the dump into Wireshark i can see about 250 entries with "Standard query A" and "Standard query response" Here a some of the entries from the dump DNS Standard query A www.google.com DNS Standard query A blackhole-1.iana.org DNS Standard query A blackhole-2.iana.org DNS Standard query response DNS Standard query A ns2.isc-sns.com DNS Standard query A ns1.isc-sns.net DNS Standard query A ns3.isc-sns.info DNS Standard query response PTR b.iana-servers.net RRSIG DNS Standard query A auth2.dns.cogentco.com DNS Standard query A ns1.crsnic.net DNS Standard query A ns2.nsiregistry.net DNS Standard query A ns3.verisign-grs.net DNS Standard query A ns4.verisign-grs.net DNS Standard query PTR 79.52.19.199.in-addr.arpa I do not have too much experince with DNS yet, but i am pretty sure that something is wrong. Anybody that have an idea of whats is going on?

    Read the article

  • Issue with kernel boot [OVH SERVER]

    - by Conner Stephen McCabe
    Trying to install OpenVZ kernel on Centos 6.3, Yes my kernel is installed i can see it in the /boot folder, yes it is Rhel6 and yes it is all up to date, i checked this with yum update. My issue comes when i reboot my server with that kernel set as the default, it doesn't load, below i shall put a copy of my grub.conf file and my menu.lst file. Grub.conf: default=0 timeout=5 title vzkernel (2.6.32-042stab057.1) root (hd0,0) kernel /boot/vmlinuz-2.6.32-042stab057.1 ro root=/dev/sda1 initrd /initramfs-2.6.32-042stab057.1.img title linux centos6_64 kernel /boot/bzImage-3.2.13-xxxx-grs-ipv6-64 root=/dev/sda1 ro root (hd0,0) Now i shall paste in Menu.lst; # grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes to this file # NOTICE: You have a /boot partition. This means that # all kernel and initrd paths are relative to /boot/, eg. # root (hd0,0) # kernel /vmlinuz-version ro root=/dev/mapper/vg_stock-lv_root # initrd /initrd-[generic-]version.img #boot=/dev/sda default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz hiddenmenu title Linux OpenVZ (vmlinuz-2.6.32-042stab057.1) root (hd0,0) kernel /boot/vmlinuz-2.6.32-042stab057.1 ro root=/dev/mapper/vg_stock-lv_root rd_LVM_LV=vg_stock/lv_root rd_LVM_LV=vg_stock/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=l$ initrd /initramfs-2.6.32-042stab057.1.img title CentOS (2.6.32-71.el6.x86_64) root (hd0,0) kernel /boot/bzImage-3.2.13-xxxx-grs-ipv6-64 ro root=/dev/mapper/vg_stock-lv_root rd_LVM_LV=vg_stock/lv_root rd_LVM_LV=vg_stock/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFO$ initrd /initramfs-2.6.32-71.el6.x86_64.img # dummy text Somebody mentioned something about OVH having added a script which changes the kernel settings or something, and suggested that we either remove the script or reinstall using a VNC, but we don't know how to go about doing either of these? Really would be great if you guys could help. Thanks in advance.

    Read the article

  • Kernel panic error

    - by cioby23
    We have a dedicated server with software RAID1 and one of the disk failed recently. The disk was replaced but after rebuilding the array and rebooting the server freezes with a Kernel Panic message No filesystem could mount root, tried: reiserfs ext3 ext2 cramfs msdos vfat iso9660 romfs fuseblk xfs Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(9,1) The filesystem on both disks is ext4. It seems the kernel can't load ext4 support. Is there any way to add ext4 support or do I need to recompile a new kernel again ? Interesting point that before disk replacement all was fine. The kernel is a stock kernel bzImage-2.6.34.6-xxxx-grs-ipv6-64 from our provider OVH Kind regards,

    Read the article

  • Linux kernel with grsec + Java / Apache Tomcat

    - by NoozNooz42
    I've got a Debian Linux 64 bit dedicated server. The kernel has the grsec patch applied. I'm mainly using this server to run Apache Tomcat (6.0.26, Java 6) and everything seems fine. The only issue, is that when I start Tomcat, I get a few of these: grsec: From xxx.xxx.xxx.xxx: Segmentation fault occurred at 00007fefe04e4000 in /home/t/jre1.6.0_20/bin/java[java:22403] uid/euid:1001/1001 gid/egid:1001/1001, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 grsec: more alerts, logging disabled for 10 seconds Then no error logs anymore. Everything is fine. The kernel is: Linux 2.6.32.2-xxxx-grs-ipv4-64 #1 SMP Tue Dec 29 14:41:12 UTC 2009 x86_64 GNU/Linux And the webapp works fine. So there are segmentation fault when Tomcat starts, but everything seems to works fine. Is this concerning? Should I move to a non-grsec kernel?

    Read the article

  • How to switch to a generic kernel in a headless Ubuntu Server 12.04?

    - by chmike
    I just got a dedicated server with Ubuntu 12.04 installed with a custom compiled kernel. Since I would like to install VirtualBox and this custom kernel doesn't support dynamic module loading (for security) I need to change the kernel. I'm running some Ubuntu servers for years but never palyed with grub and a headless computer. When the command update-grub is run it shows the different kernel it finds. Here is what I see Generating grub.cfg ... Found linux image: /boot/bzImage-3.2.13-xxxx-grs-ipv6-64 Found linux image: /boot/vmlinuz-3.2.0-34-generic Found initrd image: /boot/initrd.img-3.2.0-34-generic No volume groups found done The first one is the active one as seen with uname -r. To me it looks like the second kernel is the one I should use. But I don't know how to configure grub2 to use it. The computer is also configured with a software RAID using mdadm I guess. Never used that before. I don't know if playing with the grub of changing kernel could brake this. What must I do to set the generic kernel as the default one so that I can get VirtualBox running.

    Read the article

  • debootstrap or virt-install Ubuntu Server Maverick fails

    - by poelinca
    Oki so running any kind of variation of debootsrap i get the following error I: Extracting zlib1g... W: Failure trying to run: chroot /lxc/iso/dodo mount -t proc proc /proc debootstrap.log : mount: permission denied if i manualy chroot into the directory then i get promted with: id: cannot find name for group ID 0 I have no name!@...# i tryed addgroup but it's not installed , apt-get/aptitude : command not found , so i can't do anything with it . I've tryed ubuntu-vm-builder but since it's calling debootstrap i get the same error . Played with it for a few days and then i stoped and gaved virt-install a try , everithing works till i get to the console to finish the install witch shows only : Escape character is ^] and nothing more , no matter what i type . So basicly what i'm trying to do is build a usable chroot system so i can use it with lxc or libvirt . What are my options to get containers/virtualisation up and running ? I've read somewhere that i can use openvz templates with lxc or libvirt ? but how ? Let me know if you need aditional info ( p.s. doing all this on a dedicated server so i can't access it by hand , only ssh , plus on my local pc running ubuntu desktop maverick everithing works ) . EDIT Getting closer , i managed to understand how to use an openvz template with lxc , now the problem comes with the network bridge lxc-start: invalid interface name: br0 # Use same bridge device used in your controlling host setup lxc-start: failed to process 'lxc.network.link = br0 # Use same bridge device used in your controlling host setup ' lxc-start: failed to read configuration file i followed the exact steps to create a bridge and lxc conf looks like: lxc.network.type = veth lxc.network.flags = up lxc.network.link = br0 # Use same bridge device used in your controlling host setup lxc.network.hwaddr = {a1:b2:c3:d4:e5:f6} # As appropiate (line only needed if you wish to dhcp later) lxc.network.ipv4 = {10.0.0.100} # (Use 0.0.0.0 if you wish to dhcp later) lxc.network.name = eth0 # could likely be whatever you want Since it's not working i know smth is wrong so could somebody guyde me ? EDIT , looks like the base install was using an custom kernel ( bzImage-2.6.34.6-xxxx-grs-ipv6-65 ) for witch you i didn't found the headers , i did a update-grub after i installed a new kernel , edited menu.lst and no it's using 2.6.35-23-server and now debootstrap is working just fine same as ubuntu-vm-builder .

    Read the article

  • Can I use CNAME with ip address? Why If works (sometimes)?

    - by Maciek Sawicki
    I believe that the easiest answer for the first question is "No, You have "A" for this", but I accidentally setup some subdomain using CNAME pointing to ip address and it worked on few computers in my office. I wonder how it was possible? Now, when I'm checking it from home I have following error: beast:~ viroos$ host somesubdomain.somedomain.com Host somesubdomain.somedomain.com not found: 3(NXDOMAIN) I'm 100% it used to work at my office (currently it looks like it doesn't, but I'm checking it on different machine). Therefore I'm not 100% if it worked due to some special network setup or because I tested it just after adding DNS entry. I know this story sounds, a little crazy/incredibly, but can someone help me solve this puzzle. //edit: I'm adding dig output ; <<>> DiG 9.6-ESV-R4-P3 <<>> somesubdomain.somedomain.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60224 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;somesubdomain.somedomain.com. IN A ;; ANSWER SECTION: somesubdomain.somedomain.com. 67 IN CNAME xxx.xxx.xxx.xx1. ;; AUTHORITY SECTION: . 1800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012040901 1800 900 604800 86400 ;; Query time: 72 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 10 00:11:01 2012 ;; MSG SIZE rcvd: 136

    Read the article

  • php (rar) i want to rar a folder using rar on Ubuntu (linux) by php (on dedi server) noob

    - by Steve
    hey guyz i want rar (not tar) my folder on my server by using php RAR RAR 3.93 Copyright (c) 1993-2010 Alexander Roshal 15 Mar 2010 Registered to my real name OS Ubuntu Release (Karmic) kernel linux 2.6.32.2-xxxx-grs-ipv4-32 Gnome 2.28.1 latest php an lighthttpd i have tried these things http://php.net/manual/en/function.escapeshellarg.php // may be wrong code http://php.net/manual/en/function.exec.php http://php.net/manual/en/function.shell-exec.php my command (working in ssh and nautilus script) rar a -m0 /where/file/will/saved/file_name.rar /location/ti/data/dir/datafolder php code $log=Shell_exec("rar a -m0 /where/file/will/saved/file_name.rar /location/ti/data/dir/datafolder"); echo $log; one method is left which i don't know how to use and its working on server that is by somefile_to_execute_command.sh i have to execute .sh file from php need to send some variables (command) and i tried this method can rar file with a script named RapidLeech but its rar from only its own files dir only :( but i want to do in different directories. Rapid Leech rar class http://paste2.org/p/791668 i m able run shell command with php (cp(copy),mv(move),ls(directory list),rm(remove aka delete)) but got failed to run rar i gives no output i also tried to given path rar and i used alot commands with php Shell_exec function and working like they work with ssh and i have tried almost 80 % method given on net and failed from last 3days i m over now plz help me i need php script file working plz reply if u have any info n code and experience about rar and this kinda :( problem i m 99% noob just used code mean search Google collect script make my own working thing (for personal use only) n now i m failed to rar folder and file :(( now plz provide me code plz don't talk in technical language because i m just reading my first php book (for dummies :D) mean noob and 0.1 plz help me as much u can thankx

    Read the article

  • Reason for socket.error

    - by August Flanagan
    Hi, I am a complete newbie when it comes to python, and programming in general. I've been working on a little webapp for the past few weeks trying to improve my coding chops. A few days ago my laptop was stolen so I went out and got a new MacBook Pro. Thank God I had everything under subversion control. The problem is now that I am on my new machine a script that I was running has stopped working and I have no idea why. This is really the only part of what I have been writing that I borrowed heavily for existing scripts. It is from the widely available whois.py script and I have only slightly modified it as follows (see below). It was running fine on my old system (running ubuntu), but now the socket.error is being raised. I'm completely lost on this, and would really appreciate any help. Thanks! def is_available(domainname, whoisserver="whois.verisign-grs.com", cache=0): if whoisserver is None: whoisserver = "whois.networksolutions.com" s = None while s == None: try: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.setblocking(0) try: s.connect((whoisserver, 43)) except socket.error, (ecode, reason): if ecode in (115, 150): pass else: raise socket.error, (ecode, reason) ret = select.select([s], [s], [], 30) if len(ret[1])== 0 and len(ret[0]) == 0: s.close() raise TimedOut, "on connect " s.setblocking(1) except socket.error, (ecode, reason): print ecode, reason time.sleep(1) s = None s.send("%s \n\n" % domainname) page = "" while 1: data = s.recv(8196) if not data: break page = page + data s.close()

    Read the article

  • Can't send mail from Windows Phone (Postfix server)

    - by Dominic Williams
    Some background: I have a Dovecot/Postfix setup to handle email for a few domains. We have imap and smtp setup on various devices (Macs, iPhones, PCs, etc) and it works no problem. I've recently bought a Windows Phone and I'm trying to setup the mail account on there. I've got the imap part working great but for some reason it won't send mail. mail.log with debug_peer_list I've put this on pastebin because its quite long: http://pastebin.com/KdvMDxTL dovecot.log with verbose_ssl Apr 14 22:43:50 imap-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [109.151.23.129] Apr 14 22:43:51 imap-login: Info: Login: user=<pixelfolio>, method=PLAIN, rip=109.151.23.129, lip=94.23.254.175, mpid=24390, TLS Apr 14 22:43:53 imap(pixelfolio): Info: Disconnected: Logged out bytes=9/331 Apr 14 22:43:53 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [109.151.23.129] postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix debug_peer_list = 109.151.23.129 inet_interfaces = all mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 message_size_limit = 50240000 milter_default_action = accept milter_protocol = 2 mydestination = ks383809.kimsufi.com, localhost.kimsufi.com, localhost myhostname = ks383809.kimsufi.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname non_smtpd_milters = inet:127.0.0.1:8891,inet:localhost:8892 readme_directory = no recipient_delimiter = + smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_milters = inet:127.0.0.1:8891,inet:localhost:8892 smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_domains = domz.co.uk ruck.in vjgary.co.uk scriptees.co.uk pixelfolio.co.uk filmtees.co.uk nbsbar.co.uk virtual_alias_maps = hash:/etc/postfix/alias_maps doveconf -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38.2-grsec-xxxx-grs-ipv6-64 x86_64 Ubuntu 11.10 auth_mechanisms = plain login log_path = /var/log/dovecot.log mail_location = mbox:~/mail/:INBOX=/var/mail/%u passdb { driver = pam } protocols = imap service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } verbose_ssl = yes Any suggestions or help greatly appreciated. I've been pulling my hair out with this for hours! EDIT This seems to be my exact problem, but I already have broken_sasl set to yes and the 'login' auth mechanism added? http://forums.gentoo.org/viewtopic-t-898610-start-0.html

    Read the article

  • Windows DNS Server 2008 R2 fallaciously returns SERVFAIL

    - by Easter Sunshine
    I have a Windows 2008 R2 domain controller which is also a DNS server. When resolving certain TLDs, it returns a SERVFAIL: $ dig bogus. ; <<>> DiG 9.8.1 <<>> bogus. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31919 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;bogus. IN A I get the same result for a real TLD like com. when querying the DC as shown above. Compare to a BIND server that is working as expected: $ dig bogus. @128.59.59.70 ; <<>> DiG 9.8.1 <<>> bogus. @128.59.59.70 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30141 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;bogus. IN A ;; AUTHORITY SECTION: . 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012012501 1800 900 604800 86400 ;; Query time: 18 msec ;; SERVER: 128.59.59.70#53(128.59.59.70) ;; WHEN: Wed Jan 25 14:09:14 2012 ;; MSG SIZE rcvd: 98 Similarly, when I query my Windows DNS server with dig . any, I get a SERVFAIL but the BIND servers return the root zone as expected. This sounds similar to the issue described in http://support.microsoft.com/kb/968372 except I am using two forwarders (128.59.59.70 from above as well as 128.59.62.10) and falling back to root hints so the preconditions to expose the issue are not the same. Nevertheless, I also applied the MaxCacheTTL registry fix as described and restarted DNS and the whole server as well but the problem persists. The problem occurs on all domain controllers in this domain and has occurred since half a year ago, even though the servers are getting automatic Windows updates. EDIT Here is a debug log. The client is 160.39.114.110, which is my workstation. 1/25/2012 2:16:01 PM 0E08 PACKET 000000001EA6BFD0 UDP Rcv 160.39.114.110 2e94 Q [0001 D NOERROR] A (5)bogus(0) UDP question info at 000000001EA6BFD0 Socket = 508 Remote addr 160.39.114.110, port 49710 Time Query=1077016, Queued=0, Expire=0 Buf length = 0x0fa0 (4000) Msg length = 0x0017 (23) Message: XID 0x2e94 Flags 0x0100 QR 0 (QUESTION) OPCODE 0 (QUERY) AA 0 TC 0 RD 1 RA 0 Z 0 CD 0 AD 0 RCODE 0 (NOERROR) QCOUNT 1 ACOUNT 0 NSCOUNT 0 ARCOUNT 0 QUESTION SECTION: Offset = 0x000c, RR count = 0 Name "(5)bogus(0)" QTYPE A (1) QCLASS 1 ANSWER SECTION: empty AUTHORITY SECTION: empty ADDITIONAL SECTION: empty 1/25/2012 2:16:01 PM 0E08 PACKET 000000001EA6BFD0 UDP Snd 160.39.114.110 2e94 R Q [8281 DR SERVFAIL] A (5)bogus(0) UDP response info at 000000001EA6BFD0 Socket = 508 Remote addr 160.39.114.110, port 49710 Time Query=1077016, Queued=0, Expire=0 Buf length = 0x0fa0 (4000) Msg length = 0x0017 (23) Message: XID 0x2e94 Flags 0x8182 QR 1 (RESPONSE) OPCODE 0 (QUERY) AA 0 TC 0 RD 1 RA 1 Z 0 CD 0 AD 0 RCODE 2 (SERVFAIL) QCOUNT 1 ACOUNT 0 NSCOUNT 0 ARCOUNT 0 QUESTION SECTION: Offset = 0x000c, RR count = 0 Name "(5)bogus(0)" QTYPE A (1) QCLASS 1 ANSWER SECTION: empty AUTHORITY SECTION: empty ADDITIONAL SECTION: empty Every option in the debug log box was checked except "filter by IP". By contrast, when I query, say, accounts.google.com, I can see the DNS server go out to its forwarder (128.59.59.70, for example). In this case, I didn't see any packets going out from my DNS server even though bogus. was not in the cache (the debug log was already running and this is the first time I queried this server for bogus. or any TLD). It just returned SERVFAIL without consulting any other DNS server, as in the Microsoft KB article linked above.

    Read the article

1