dearsky/numa
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 25 Wiki Activity

malformed reply packet / general ldns error #128

New Issue
Closed
opened 2026-04-22 20:06:02 +08:00 by bcookatpcsd · 0 comments
bcookatpcsd commented 2026-04-22 20:06:02 +08:00 (Migrated from github.com)
Copy Link

just noticed this today..

was looking at the page for the version, and didn't see the git commit tag and thought it might be the release version..

then saw the 9000+ seconds of things in cache.. and thought that was odd..

Image

Did the initial check with drill which gave the lower error.. installed kdig on this machine; did get a response .. but says malformed reply

will look into it more; but wanted to share in case you knew what it might immediately be..

❯❯ kdig @10.120.48.254 odin.adobe.com https
;; ERROR: malformed reply packet from 10.120.48.254@53(UDP)
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 60233
;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 1; ADDITIONAL: 1

;; QUESTION SECTION:
;; odin.adobe.com.     		IN	HTTPS

;; ANSWER SECTION:
odin.adobe.com.     	9087	IN	CNAME	cdn.adobeaemcloud.com.
cdn.adobeaemcloud.com.	9087	IN	CNAME	adobe-aem.map.fastly.net.

;; Received 219 B
;; Time 2026-04-22 07:56:52 EDT
;; From 10.120.48.254@53(UDP) in 0.3 ms
;; ERROR: malformed reply packet from 10.120.48.254@53(UDP)
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 60233
;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 1; ADDITIONAL: 1

;; QUESTION SECTION:
;; odin.adobe.com.     		IN	HTTPS

;; ANSWER SECTION:
odin.adobe.com.     	9087	IN	CNAME	cdn.adobeaemcloud.com.
cdn.adobeaemcloud.com.	9087	IN	CNAME	adobe-aem.map.fastly.net.

;; Received 219 B
;; Time 2026-04-22 07:56:52 EDT
;; From 10.120.48.254@53(UDP) in 0.2 ms
;; ERROR: malformed reply packet from 10.120.48.254@53(UDP)
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 60233
;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 1; ADDITIONAL: 1

;; QUESTION SECTION:
;; odin.adobe.com.     		IN	HTTPS

;; ANSWER SECTION:
odin.adobe.com.     	9087	IN	CNAME	cdn.adobeaemcloud.com.
cdn.adobeaemcloud.com.	9087	IN	CNAME	adobe-aem.map.fastly.net.

;; Received 219 B
;; Time 2026-04-22 07:56:52 EDT
;; From 10.120.48.254@53(UDP) in 0.1 ms
;; ERROR: failed to query server 10.120.48.254@53(UDP)


✘ 1 ❯❯ drill -t https odin.adobe.com @10.120.48.254
Error: error sending query: General LDNS error

this looks fine:

✘ 1 ❯❯ kdig @10.120.48.254 www.google.com https
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 48211
;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1

;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR

;; QUESTION SECTION:
;; www.google.com.     		IN	HTTPS

;; ANSWER SECTION:
www.google.com.     	12645	IN	HTTPS	1 . alpn="h2,h3"

;; Received 82 B
;; Time 2026-04-22 08:02:07 EDT
;; From 10.120.48.254@53(UDP) in 0.7 ms

as does this:

❯❯ kdig @10.120.48.254 www.example.com https
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 46836
;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1

;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR

;; QUESTION SECTION:
;; www.example.com.    		IN	HTTPS

;; ANSWER SECTION:
www.example.com.    	300	IN	HTTPS	1 . alpn="h2" ipv4hint=104.20.23.154,172.66.147.243

;; Received 93 B
;; Time 2026-04-22 08:02:37 EDT
;; From 10.120.48.254@53(UDP) in 11.6 ms
❯❯

(expected - nothing wrong here)

✘ 130 ❯❯ kdig @10.120.48.254 www.quad9.net https
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 23503
;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1

;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR

;; QUESTION SECTION:
;; www.quad9.net.      		IN	HTTPS

;; ANSWER SECTION:
www.quad9.net.      	60	IN	A	0.0.0.0

;; Received 71 B
;; Time 2026-04-22 08:03:30 EDT
;; From 10.120.48.254@53(UDP) in 0.7 ms

another domain with cname responses in the https record..

❯❯ kdig @10.120.48.254 www.slashdot.org https
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 42739
;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 1; ADDITIONAL: 1

;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR

;; QUESTION SECTION:
;; www.slashdot.org.   		IN	HTTPS

;; ANSWER SECTION:
www.slashdot.org.   	300	IN	CNAME	www.slashdot.org.cdn.cloudflare.net.

;; AUTHORITY SECTION:
cloudflare.net.     	1800	IN	SOA	ns1.cloudflare.net. dns.cloudflare.com. 2401921514 10000 2400 604800 1800

;; Received 182 B
;; Time 2026-04-22 08:04:11 EDT
;; From 10.120.48.254@53(UDP) in 22.5 ms

🤷‍♂️

Thank you in advance.

just noticed this today.. was looking at the page for the version, and didn't see the git commit tag and thought it might be the release version.. then saw the 9000+ seconds of things in cache.. and thought that was odd.. <img width="291" height="240" alt="Image" src="https://github.com/user-attachments/assets/dc62419d-68d3-4ab4-a8a9-bac97ea2c90c" /> Did the initial check with drill which gave the lower error.. installed kdig on this machine; did get a response .. but says malformed reply will look into it more; but wanted to share in case you knew what it might immediately be.. ``` ❯❯ kdig @10.120.48.254 odin.adobe.com https ;; ERROR: malformed reply packet from 10.120.48.254@53(UDP) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 60233 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 1; ADDITIONAL: 1 ;; QUESTION SECTION: ;; odin.adobe.com. IN HTTPS ;; ANSWER SECTION: odin.adobe.com. 9087 IN CNAME cdn.adobeaemcloud.com. cdn.adobeaemcloud.com. 9087 IN CNAME adobe-aem.map.fastly.net. ;; Received 219 B ;; Time 2026-04-22 07:56:52 EDT ;; From 10.120.48.254@53(UDP) in 0.3 ms ;; ERROR: malformed reply packet from 10.120.48.254@53(UDP) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 60233 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 1; ADDITIONAL: 1 ;; QUESTION SECTION: ;; odin.adobe.com. IN HTTPS ;; ANSWER SECTION: odin.adobe.com. 9087 IN CNAME cdn.adobeaemcloud.com. cdn.adobeaemcloud.com. 9087 IN CNAME adobe-aem.map.fastly.net. ;; Received 219 B ;; Time 2026-04-22 07:56:52 EDT ;; From 10.120.48.254@53(UDP) in 0.2 ms ;; ERROR: malformed reply packet from 10.120.48.254@53(UDP) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 60233 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 1; ADDITIONAL: 1 ;; QUESTION SECTION: ;; odin.adobe.com. IN HTTPS ;; ANSWER SECTION: odin.adobe.com. 9087 IN CNAME cdn.adobeaemcloud.com. cdn.adobeaemcloud.com. 9087 IN CNAME adobe-aem.map.fastly.net. ;; Received 219 B ;; Time 2026-04-22 07:56:52 EDT ;; From 10.120.48.254@53(UDP) in 0.1 ms ;; ERROR: failed to query server 10.120.48.254@53(UDP) ✘ 1 ❯❯ drill -t https odin.adobe.com @10.120.48.254 Error: error sending query: General LDNS error ``` this looks fine: ``` ✘ 1 ❯❯ kdig @10.120.48.254 www.google.com https ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 48211 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1 ;; EDNS PSEUDOSECTION: ;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR ;; QUESTION SECTION: ;; www.google.com. IN HTTPS ;; ANSWER SECTION: www.google.com. 12645 IN HTTPS 1 . alpn="h2,h3" ;; Received 82 B ;; Time 2026-04-22 08:02:07 EDT ;; From 10.120.48.254@53(UDP) in 0.7 ms ``` as does this: ``` ❯❯ kdig @10.120.48.254 www.example.com https ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 46836 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1 ;; EDNS PSEUDOSECTION: ;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR ;; QUESTION SECTION: ;; www.example.com. IN HTTPS ;; ANSWER SECTION: www.example.com. 300 IN HTTPS 1 . alpn="h2" ipv4hint=104.20.23.154,172.66.147.243 ;; Received 93 B ;; Time 2026-04-22 08:02:37 EDT ;; From 10.120.48.254@53(UDP) in 11.6 ms ❯❯ ``` (expected - nothing wrong here) ``` ✘ 130 ❯❯ kdig @10.120.48.254 www.quad9.net https ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 23503 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1 ;; EDNS PSEUDOSECTION: ;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR ;; QUESTION SECTION: ;; www.quad9.net. IN HTTPS ;; ANSWER SECTION: www.quad9.net. 60 IN A 0.0.0.0 ;; Received 71 B ;; Time 2026-04-22 08:03:30 EDT ;; From 10.120.48.254@53(UDP) in 0.7 ms ``` another domain with cname responses in the https record.. ``` ❯❯ kdig @10.120.48.254 www.slashdot.org https ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 42739 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 1; ADDITIONAL: 1 ;; EDNS PSEUDOSECTION: ;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR ;; QUESTION SECTION: ;; www.slashdot.org. IN HTTPS ;; ANSWER SECTION: www.slashdot.org. 300 IN CNAME www.slashdot.org.cdn.cloudflare.net. ;; AUTHORITY SECTION: cloudflare.net. 1800 IN SOA ns1.cloudflare.net. dns.cloudflare.com. 2401921514 10000 2400 604800 1800 ;; Received 182 B ;; Time 2026-04-22 08:04:11 EDT ;; From 10.120.48.254@53(UDP) in 22.5 ms ``` 🤷‍♂️ Thank you in advance.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
Something isn't working
 dependencies
Pull requests that update a dependency file
 docker
Pull requests that update docker code
 documentation
Improvements or additions to documentation
 duplicate
This issue or pull request already exists
 enhancement
New feature or request
 github_actions
Pull requests that update GitHub Actions code
 good first issue
Good for newcomers
 help wanted
Extra attention is needed
 invalid
This doesn't seem right
 question
Further information is requested
 rust
Pull requests that update rust code
 wontfix
This will not be worked on
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
dearsky
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: dearsky/numa#128
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?