Common errors when a block is delegated

When a block is delegated, errors may occur if the server for the reverse resolution of a specific network is not configured to return authoritative data when queried for the Start of Authority (SOA) of this zone.

Non-authoritative answers from such servers may contain errors or other types of replies that would not be expected from an authoritative DNS server.

What types of responses can the verification system return when a lame delegation test is performed?

AA: Authoritative answer

This is not an error message. Instead, it specifies that the queried DNS servers have authoritative data for a reverse zone or domain in their local configuration files; in other words, the server is correctly configured and has authority over the reverse domain or zone.

TIMEOUT: Timer expired without receiving a response

No DNS query response received during the expected time.

NOAA: No authoritative answer over a reverse domain or zone

The DNS server contains data for the reverse zone or domain, but this data is not available in its local configuration files. Instead, the DNS has learned this information from other DNS servers, meaning that the validity of this information cannot be fully trusted.

UDN: Unknown domain name

The DNS server does not have any information on the reverse zone or domain for which it was queried.

UH: Unknown host

The DNS server registered in LACNIC’s system as authoritative for the reverse resolution of an IP address block was not found or does not exist.

FAIL: DNS server error/failure

An error or failure occurred when attempting to communicate with the DNS server.

QREFUSED: DNS query refused

The DNS server refused the query.

CREFUSED: Connection refused

A connection to the DNS server was established, but the server does not accept DNS queries, i.e., there is no DNS server software running on the server.

CNAME: Canonical name

The name of the registered DNS server is not the actual name of the server but a nickname. This configuration is not recommended for DNS servers.

NOT SYNC ZONE: Zone not synchronized

The reverse zone configured on one of the DNS servers does not match the one configured on the other servers responsible for the same reverse zone.