DNS 5 REFUSED vs 20 BADNAME
Both DNS 5 (REFUSED) and 20 (BADNAME) belong to the DNS Response Codes (RCODEs) category. 5 indicates that query refused. The name server refuses to perform the requested operation for policy reasons. Meanwhile, 20 means that duplicate key name. The key name in a TKEY negotiation is already in use or conflicts with an existing key.
설명
Query refused. The name server refuses to perform the requested operation for policy reasons.
이 코드를 보게 되는 경우
The server rejected your query due to access control — for example, a recursive resolver that only serves its own network, or a zone transfer blocked by ACL.
해결 방법
Check the server's allow-query, allow-recursion, or allow-transfer ACLs. If you are not authorized to use this resolver, switch to a public DNS service.
설명
Duplicate key name. The key name in a TKEY negotiation is already in use or conflicts with an existing key.
이 코드를 보게 되는 경우
A TKEY key establishment failed because a key with the same name already exists on the server from a previous session that was not properly cleaned up.
해결 방법
Use a unique key name for each TKEY session (e.g., append a timestamp or random suffix). Delete stale keys on the server if they are no longer needed.
주요 차이점
DNS 5: Query refused. The name server refuses to perform the requested operation for policy reasons.
DNS 20: Duplicate key name. The key name in a TKEY negotiation is already in use or conflicts with an existing key.
You encounter 5 when the server rejected your query due to access control — for example, a recursive resolver that only serves its own network, or a zone transfer blocked by ACL.
You encounter 20 when a TKEY key establishment failed because a key with the same name already exists on the server from a previous session that was not properly cleaned up.
언제 어떤 것을 사용할지
For 5 (REFUSED): Check the server's allow-query, allow-recursion, or allow-transfer ACLs. If you are not authorized to use this resolver, switch to a public DNS service. For 20 (BADNAME): Use a unique key name for each TKEY session (e.g., append a timestamp or random suffix). Delete stale keys on the server if they are no longer needed.