# DNS Question...



## FBSDin20Steps (Feb 14, 2010)

Hi all,

I was browsing through my logs and I found this entry in /var/log/auth.log


```
Feb  7 12:57:14 centiger firefox-bin: gethostby*.getanswer: asked for "simon.nitro.dk IN AAAA", got type "SOA"
```

Can someone please explain in short terms what this mean?


----------



## DutchDaemon (Feb 14, 2010)

Do you have any special settings in unbound (like local-zone or local-data)?


----------



## FBSDin20Steps (Feb 14, 2010)

Not that I know of...


----------



## DutchDaemon (Feb 14, 2010)

It basically means that a DNS lookup resulted in a reply that differs from the expected one. E.g I use unbound as my resolver, and I have certain DNS zones I do not want any contact with, so I redirected them to a local zone with fake data. Whenever I (or my web browser) tries to resolve a hostname in a zone like that, I get a similar log line, like:


```
Feb 14 02:16:12 box firefox-bin: gethostby*.getanswer: asked for "ad.doubleclick.net", got "doubleclick.net"
```

In your case, you asked for an AAAA record (IPv6 A record) and got a SOA record (Start of Authority) back. This may have been a temporary failure in that zone's ACLs (telling you to look elsewhere).


----------



## FBSDin20Steps (Feb 14, 2010)

Thanks for the clear explanation. Funny this is I've never seen this before in my logs. Suspicious as I am... I can ignore this?


----------



## DutchDaemon (Feb 14, 2010)

Yeah, it looks like a freak occurrence.


----------



## FBSDin20Steps (Feb 14, 2010)

LOL Maybe Simon is trying to tell me something... :e 
Well, anyway. Thanks Dutch


----------

