Александр Кириллов писал 2014-09-06 18:32: >>> There seems to be a problem with my local dns server resolving >>> mirror.centos.org. >>> I know something about dns but obviously not enough to figure out >>> what >>> might be wrong here or how to fix >>> this in bind configs. The SERVFAIL errors below seem to be related to >>> AAAA and MX queries for the domain. >>> Please advise. TIA. >>> >>> >>> # host mirror.centos.org 8.8.8.8 >>> Using domain server: >>> Name: 8.8.8.8 >>> Address: 8.8.8.8#53 >>> Aliases: >>> >>> mirror.centos.org has address 69.167.139.9 >>> >>> >>> # host mirror.centos.org >>> mirror.centos.org has address 66.109.26.212 >>> Host mirror.centos.org not found: 2(SERVFAIL) >>> Host mirror.centos.org not found: 2(SERVFAIL) >>> >>> >>> # tail -F /var/named/chroot/var/named/data/named.run >>> error (FORMERR) resolving 'mirror.centos.org/AAAA/IN': >>> 85.12.30.226#53 >>> error (FORMERR) resolving 'mirror.centos.org/AAAA/IN': >>> 93.113.36.66#53 >>> error (FORMERR) resolving 'mirror.centos.org/AAAA/IN': >>> 94.46.190.42#53 >>> error (FORMERR) resolving 'mirror.centos.org/AAAA/IN': >>> 85.12.30.226#53 >>> error (FORMERR) resolving 'mirror.centos.org/AAAA/IN': >>> 93.113.36.66#53 >>> error (FORMERR) resolving 'mirror.centos.org/AAAA/IN': >>> 94.46.190.42#53 >>> error (FORMERR) resolving 'mirror.centos.org/MX/IN': 85.12.30.226#53 >>> error (FORMERR) resolving 'mirror.centos.org/MX/IN': 93.113.36.66#53 >>> error (FORMERR) resolving 'mirror.centos.org/MX/IN': 94.46.190.42#53 >>> error (FORMERR) resolving 'mirror.centos.org/MX/IN': 85.12.30.226#53 >>> error (FORMERR) resolving 'mirror.centos.org/MX/IN': 93.113.36.66#53 >>> error (FORMERR) resolving 'mirror.centos.org/MX/IN': 94.46.190.42#53 >>> >> >> Try asking the correct type (A record only) and you'll have the >> correct >> answer : the three PDNS servers having delegation for >> mirror.centos.org >> will only answer for A records (we have obviously no MX record for >> mirror.centos.org and, unfortunately, no AAAA records for those >> machines >> either) >> >> PS : host is considered "deprecated" so switch to dig instead ? ;-) > > Thanks for your answer, Fabian, > I forgot to mention in the OP that the source of the error is yum with > scl repo enabled: > > # yum distro-sync > Loaded plugins: fastestmirror, priorities, refresh-packagekit, > security, verify > ... > http://mirror.centos.org/centos/6/SCL/x86_64/repodata/repomd.xml: > [Errno 14] PYCURL ERROR 6 - "Could not resolve host: mirror.centos.org > (Could not contact DNS servers)" > Trying other mirror. > Error: Cannot retrieve repository metadata (repomd.xml) for > repository: scl. Please verify its path and try again This is an ipv6-enabled system and that's probably why yum tries to get an ipv6 address first for mirror.centos.org and fails miserably. For whatever reason I do not get an authoritative negative response for AAAA query from upstream servers. Well an easy fix is to hardcode an ipv4 address for mirror.centos.org in /etc/hosts and forget it. I suspect miconfiguration on centos.org side as scl is the only repo which gives me troubles but don't have the time to dig into this.