Cisco Cisco Email Security Appliance X1070 Fehlerbehebungsanleitung
What does DNS Lame Delegation error mean in my
mail logs?
mail logs?
Document ID: 118216
Contributed by Sandeep Minhas and Enrico Werner, Cisco TAC
Engineers.
Aug 12, 2014
Engineers.
Aug 12, 2014
Contents
What does DNS Lame Delegation error mean in my mail logs?
What does DNS Lame Delegation error mean in my mail
logs?
logs?
Environment: Cisco Email Security Appliance (ESA), all versions of AsyncOS
Lame delegation/referral is when an NS record points to an incorrect host. This can be caused when a zone is
delegated to a server that has not been properly configured to be authoritative for the zone. This will cause
resolvers to direct queries to servers that will not respond authoritatively, if at all. This causes unnecessary
network traffic and extra work for servers.
delegated to a server that has not been properly configured to be authoritative for the zone. This will cause
resolvers to direct queries to servers that will not respond authoritatively, if at all. This causes unnecessary
network traffic and extra work for servers.
Lame delegation/referral also happens when a domain is registered but only has one or no DNS servers, so
random DNS servers are specified to act as place−holders even though none of these servers have a zone
defined for the domain in question. If you see this message about your own server, you should take steps to
correct this immediately. If the domain−name in question is not yours, do a WHOIS look up to determine the
owner, and contact them to change it immediately (they are causing additional traffic on your Internet
connection and additional processing for your DNS servers). If the domain−name is yours, add the zone to
your server immediately.
random DNS servers are specified to act as place−holders even though none of these servers have a zone
defined for the domain in question. If you see this message about your own server, you should take steps to
correct this immediately. If the domain−name in question is not yours, do a WHOIS look up to determine the
owner, and contact them to change it immediately (they are causing additional traffic on your Internet
connection and additional processing for your DNS servers). If the domain−name is yours, add the zone to
your server immediately.
Lame delegation/referrals can cause potentially serious problems for web visitors and for delivery of mail. If
only one of the servers to which the zone is delegated in fact has authoritative data for the zone, then if that
server should become unavailable, the zone effectively can not be located from the net. It does not matter if
there are other servers that have authoritative data for the zone, because they are not listed in the delegation.
only one of the servers to which the zone is delegated in fact has authoritative data for the zone, then if that
server should become unavailable, the zone effectively can not be located from the net. It does not matter if
there are other servers that have authoritative data for the zone, because they are not listed in the delegation.
Updated: Aug 12, 2014
Document ID: 118216