Why are nslookup and dig giving me a “Warning: ID mismatch … got 0” error

Tags: dig, dns-lookup, domain-name-system, nslookup

I'm trying to troubleshoot some persistent connectivity issues and I'm frequently getting the following error message when using dig or nslookup.

bash$ nslookup
> www.google.com
;; Warning: ID mismatch: expected ID 36298, got 0
;; Warning: ID mismatch: expected ID 36298, got 0
;; Warning: ID mismatch: expected ID 36298, got 0

bash$ dig www.google.com
;; Warning: ID mismatch: expected ID 34149, got 0
;; Warning: ID mismatch: expected ID 34149, got 0
;; Warning: ID mismatch: expected ID 34149, got 0

; <<>> DiG 9.8.3-P1 <<>> www.capitalone360.com
;; global options: +cmd
;; connection timed out; no servers could be reached

Can anyone shed light on what this error message means, in particular the "got 0" portion?

Best Answer

It means that nslookup or dig received a reply with an ID of zero, rather than the ID it was expecting. As part of the protection against forged DNS replies, each DNS query contains an ID, usually chosen randomly. The DNS server copies the ID into the reply, allowing the client to match replies to queries and to prevent a forged DNS reply from being accepted.

This could be caused by a broken DNS server or broken DNS forwarding or rewriting scheme. It could also be caused by an attack of spoofed DNS replies, though that's unlikely.
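The ID check the answer describes, written out as an added example (not code from the original post, and not how dig or nslookup are implemented internally): a minimal DNS client that picks a random 16-bit transaction ID, and a checker that accepts a reply only if the ID was copied back. The `fake_reply` helper, the answer IP, and the resolver address in `main` are all constructed for the example; with `copy_id=False` it models a forwarder that rewrites the ID to 0 and produces exactly the warning from the question.

```python
import random
import socket
import struct

# Added example (not from the original post): a minimal DNS client that does the
# same transaction-ID check that produces dig's/nslookup's "ID mismatch" warning.
# The resolver address in main() and the sample replies below are constructed.

QR_BIT = 0x8000  # header flag: 1 = response, 0 = query


def build_query(name, txid=None):
    """Build a recursion-desired A query; return (txid, wire_bytes).

    The 16-bit ID is chosen at random per query: a forged reply has to guess it
    (and the source port) to be accepted, which is the point of the check.
    """
    if txid is None:
        txid = random.randint(0, 0xFFFF)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD=1
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.strip(".").split(".")
    ) + b"\x00"
    return txid, header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def check_reply(expected_id, reply):
    """Validate a reply header the way a resolver client does.

    Returns None when the reply may be accepted, otherwise the warning text.
    A mismatched ID means the packet is not an answer to *this* query, so the
    client drops it and keeps waiting, which is why the warnings in the question
    are followed by a timeout.
    """
    if len(reply) < 12:
        return ";; Warning: short reply"
    got_id, flags = struct.unpack("!HH", reply[:4])
    if got_id != expected_id:
        return f";; Warning: ID mismatch: expected ID {expected_id}, got {got_id}"
    if not flags & QR_BIT:
        return ";; Warning: QR bit clear, packet is a query, not a response"
    return None


def fake_reply(query, answer_ip="93.184.216.34", copy_id=True):
    """Constructed server response for `query` (one A record, TTL 60).

    copy_id=False models the broken forwarder from the question: every other
    field is fine but the ID is written as 0 instead of being copied back.
    """
    txid, _flags, qd, _an, _ns, _ar = struct.unpack("!HHHHHH", query[:12])
    question = query[12:]  # single question section, copied verbatim
    header = struct.pack("!HHHHHH", txid if copy_id else 0, 0x8180, qd, 1, 0, 0)
    # 0xC00C is a compression pointer to the name at offset 12 (the question).
    rr = struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4) + socket.inet_aton(answer_ip)
    return header + question + rr


def query_resolver(server, name, timeout=2.0):
    """Send one query over UDP and return (warning_or_None, raw_reply)."""
    txid, packet = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(packet, (server, 53))
        reply, _ = s.recvfrom(4096)
    return check_reply(txid, reply), reply


if __name__ == "__main__":
    # Offline demonstration with constructed replies.
    txid, q = build_query("www.google.com", txid=36298)
    print(check_reply(txid, fake_reply(q)))                 # None: ID copied back
    print(check_reply(txid, fake_reply(q, copy_id=False)))  # the warning from the question
    # Live check against a resolver (address assumed; replace with your own):
    # print(query_resolver("192.0.2.53", "www.google.com")[0])
```

To test a suspect resolver, call `query_resolver` with its address: a `None` result means the ID round-tripped; a warning with `got 0` on every reply points at the server or something in the forwarding path rewriting the header, since a genuine spoofing attempt would have to guess the random ID rather than always answering with zero.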