DNS 10 NOTZONE vs 23 BADCOOKIE
Both DNS 10 (NOTZONE) and 23 (BADCOOKIE) belong to the DNS Response Codes (RCODEs) category. 10 indicates that name not contained in zone. A name used in the Prerequisite or Update section is not within the zone denoted by the Zone section. Meanwhile, 23 means that bad or missing server cookie. The DNS COOKIE option in the request is absent, malformed, or does not match the server's expected value.
الوصف
Name not contained in zone. A name used in the Prerequisite or Update section is not within the zone denoted by the Zone section.
متى تراه
Your dynamic update tried to modify a record that falls outside the zone specified in the update message (e.g., updating foo.example.org in the example.com zone).
كيفية الإصلاح
Ensure all names in the update are within the target zone. Check for typos in the zone name or the records being updated.
الوصف
Bad or missing server cookie. The DNS COOKIE option in the request is absent, malformed, or does not match the server's expected value.
متى تراه
Your resolver sent a query without a valid server cookie, or the cookie has expired. This is part of the DNS COOKIE mechanism to prevent spoofed-source attacks.
كيفية الإصلاح
Retry the query — most resolvers automatically learn the correct server cookie from the first response. If the error persists, ensure your resolver supports RFC 7873 DNS Cookies.
الفروق الرئيسية
DNS 10: Name not contained in zone. A name used in the Prerequisite or Update section is not within the zone denoted by the Zone section.
DNS 23: Bad or missing server cookie. The DNS COOKIE option in the request is absent, malformed, or does not match the server's expected value.
You encounter 10 when your dynamic update tried to modify a record that falls outside the zone specified in the update message (e.g., updating foo.example.org in the example.com zone).
You encounter 23 when your resolver sent a query without a valid server cookie, or the cookie has expired. This is part of the DNS COOKIE mechanism to prevent spoofed-source attacks.
متى تستخدم أيًا منهما
For 10 (NOTZONE): Ensure all names in the update are within the target zone. Check for typos in the zone name or the records being updated. For 23 (BADCOOKIE): Retry the query — most resolvers automatically learn the correct server cookie from the first response. If the error persists, ensure your resolver supports RFC 7873 DNS Cookies.