This is a discussion on Re: Warning: ID mismatch: within the Bind Users forums, part of the DNS and Related Forums category.
>>>>> "Maria" == Maria Iano <maria@iano.org> writes:

Maria> I have two caching servers, res1 and res2, running BIND
Maria> 9.2.3 on Red Hat Linux release 8.0 (Psyche). They sit
Maria> inside a firewall, and forward queries to four different
Maria> caching servers on the outside, as well as some internal
Maria> servers authoritative for internal zones. Last week res2
Maria> started being slow and failing resolution
Maria> intermittently. Dig queries sent from res2 to the outside
Maria> resolvers worked correctly. Dig queries sent from res2 to
Maria> res1 worked correctly. However, dig queries from res1 to
Maria> res2 produced error messages like this:

Maria> ;; Warning: ID mismatch: expected ID 3325, got 34596

Maria> I suspect that if I reboot it the error will clear up
Maria> again, but before I do that I want to try and work out what
Maria> is going on.

Maria> Any advice?

Your firewall is probably broken. A DNS query includes a (random) query ID. This is to help a name server match an answer with the questions it has asked. The log messages indicate some answers your server is getting have different query IDs from the ones it used when the queries were made. This is almost certainly caused by your firewall messing with the DNS packets as they go by.
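The ID matching described in the reply above, as an added example that is not part of the original posts: a client builds a query with a random 16-bit ID and rejects any reply whose ID or echoed question differs. The function names, the name example.com and the constructed reply are assumptions for illustration; the two IDs are the ones from the quoted dig warning.

```python
import secrets
import struct

def encode_name(name):
    """Encode a domain name as length-prefixed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype=1, qid=None):
    """Return (qid, packet); the ID is random unless one is supplied."""
    if qid is None:
        qid = secrets.randbelow(1 << 16)
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    return qid, header + encode_name(name) + struct.pack("!HH", qtype, 1)

def check_response(query, response):
    """Match a reply against the outstanding query (query has no EDNS record)."""
    if len(response) < 12:
        return "short packet"
    (q_id,) = struct.unpack("!H", query[:2])
    r_id, r_flags = struct.unpack("!HH", response[:4])
    if not r_flags & 0x8000:
        return "not a response (QR bit clear)"
    if r_id != q_id:
        return f"ID mismatch: expected ID {q_id}, got {r_id}"
    # The reply must also echo the question section that was asked.
    if response[12:len(query)] != query[12:]:
        return "question section mismatch"
    return "ok"

def fake_response(query, qid=None):
    """Constructed reply: the query echoed with QR, RD and RA set; qid rewrites the ID."""
    (orig_id,) = struct.unpack("!H", query[:2])
    rid = orig_id if qid is None else qid
    return struct.pack("!HH", rid, 0x8180) + query[4:]

if __name__ == "__main__":
    _, q = build_query("example.com", qid=3325)
    print(check_response(q, fake_response(q)))
    print(check_response(q, fake_response(q, qid=34596)))  # ID rewritten in transit
```
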