Question Bind9 random error problem for some address

[secooonder]

Server operating system version

Ubuntu 22.04

Plesk version and microupdate number

18.0.43

Hi
But i have a problem.
Some clients have an error while answering their queries.

03-Jan-2023 15:40:57.342 query-errors: info: client @0x7f2b90004ea0 212.c.a.b#37848 (hclm.allianz.com.tr): view f: query failed (SERVFAIL) for hclm.allianz.com.tr/IN/TYPE65 at query.c:6182
03-Jan-2023 15:43:52.540 query-errors: info: client @0x7f2b6c9dfd00 176.a.b.c#56469 (platform.twitter.com): view f: query failed (timed out) for platform.twitter.com/IN/TYPE65 at query.c:6883
03-Jan-2023 15:44:02.564 query-errors: info: client @0x7f2b6c9dfd00 176.a.b.c#56469 (platform.twitter.com): view f: query failed (timed out) for platform.twitter.com/IN/TYPE65 at query.c:6883
03-Jan-2023 15:48:28.715 query-errors: info: client @0x7f2b64073ba0 192.168.a.b#61932 (webprovizyon.allianz.com.tr): view intranet: query failed (timed out) for webprovizyon.allianz.com.tr/IN/TYPE65 at query.c:6883
03-Jan-2023 15:48:28.935 query-errors: info: client @0x7f2b680365e0 192.168.c.d#52167 (cas.allianz.com.tr): view intranet: query failed (timed out) for cas.allianz.com.tr/IN/TYPE65 at query.c:6883

named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
//include "/etc/bind/named.conf.default-zones";




logging {


channel queries_log {
file "/var/log/named/queries" versions 10 size 40m;
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};


channel default_log {
file "/var/log/named/default" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};


channel query-errors_log {
file "/var/log/named/query-errors" versions 3 size 10m;
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};


category queries { queries_log; };
category default { default_debug; };
category query-errors {query-errors_log; };


};

named_conf_local

acl "trusted" {
127.0.0.0/8 ;
212.c.a.b ;
176.a.b.c ;



};




options {
directory "/var/cache/bind";
dnssec-validation auto;


recursion yes;
allow-recursion { trusted ; };


forwarders {
8.8.8.8 ;
195.175.39.39 ;
4.2.2.6 ;
} ;
allow-transfer {"none";};
version "nooo";



empty-zones-enable yes;


auth-nxdomain no; # conform to RFC1035
listen-on port 53 { 127.0.0.1 ; 192.168.a.b ; d.c.e.f; };
listen-on-v6 { none; };

What is the problem ?


Please help me.
King Regards

 

[secooonder]

Please help me

 

[scsa20]

Looks like you're trying to query to the internet instead of any of your domains which bind won't know about. Do you have your name servers configured correctly? Your /etc/resolv.conf file should be configured with some sort of public DNS server such as 8.8.8.8/8.8.4.4 or 1.1.1.1/1.0.0.1 (or whatever DNS you want use to reach the wider internet).

 

[secooonder]

scsa20 thank you.
Yes, i configured correctly my dns server.
Just now, the client can not resolved platform.twitter.com .

06-Jan-2023 10:28:23.488 query-errors: info: client @0x7f4dbc06b3d0 192.168.a.b#50528 (platform.twitter.com): view intranet: query failed (timed out) for platform.twitter.com/IN/TYPE65 at query.c:6883

But , my dns server can resolved platform.twitter.com ?

root@abcde:/etc/bind# dig platform.twitter.com

; <<>> DiG 9.16.1-Ubuntu <<>> platform.twitter.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28243
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: e58f942c3aafcc250100000063b7d037efba936b822a7964 (good)
;; QUESTION SECTION:
;platform.twitter.com. IN A

;; ANSWER SECTION:
platform.twitter.com. 142 IN CNAME cs472.wac.edgecastcdn.net.
cs472.wac.edgecastcdn.net. 3315 IN CNAME cs1-apr-8315.wac.edgecastcdn.net.
cs1-apr-8315.wac.edgecastcdn.net. 415 IN CNAME wac.apr-8315.edgecastdns.net.
wac.apr-8315.edgecastdns.net. 224 IN CNAME cs1-lb-eu.8315.ecdns.net.
cs1-lb-eu.8315.ecdns.net. 30 IN CNAME cs41.wac.edgecastcdn.net.
cs41.wac.edgecastcdn.net. 248 IN A 93.184.220.66

;; Query time: 1439 msec
;; SERVER: 192.168.a.b#53(192.168.a.b)
;; WHEN: Cum Oca 06 10:39:35 +03 2023
;; MSG SIZE rcvd: 258

root@abcde:/etc/bind# more /etc/resolv.conf
nameserver 192.168.a.b
search defgh.com.tr

My dns Server is ,Public Dns Server.

i will change to nameserver 8.8.8.8 after work hour(After 8 hour)
i will give information