What does this "server returned error NXDOMAIN" message mean?
Good Morning,
I've been seeing the following error in my syslog over the past few days:
systemd-resolved[552]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
And the answers I see online refer to writing a rule to simply ignore the error; Not what I want to do.
Does anyone else see this, and if so, what did you do to fix it?
Thanks… André
3 Replies
mattwatts
Linode Staff
Hello,
It looks like this issue may be related to https://www.linode.com/community/questions/17081/dns-stops-resolving-on-ubuntu-1804 which appears to be caused but a bug in systemd-resolved.
Are you experiencing this issue on an Ubuntu 18.04 machine? The bug mentioned above appears to be specific to this distribution. I personally have not been able to reproduce this error using the method stated in the bug report on askubuntu:
I hope that I'm not pointing you in the wrong direction here but the discussion regarding this particular bug is located here:
https://github.com/systemd/systemd/issues/9833
And the current proposed fix on github is:
https://github.com/systemd/systemd/commit/3740146a4cbd99883af79e375ee4836206dcea4e
It looks like for the mean time people are either disregarding the messages or configuring a rule to ignore these messages like the one expressed in ddpbsd's comment here:
https://github.com/ossec/ossec-hids/issues/1479
Let me know if you think this is what could be causing this issue for you otherwise we can do some more digging to try and determine the actual cause.
Thanks,
Matt Watts
Linode Support Team
Hi Matt - Thanks for your response (not sure how to get notifications on things I post) but I wanted to add an ignore rule, but I dont have the file: /var/ossec/rules/local_rules.xml. Do I need to install ossec to get rid of this error message… Not sure what is generating the message