DNS 5 REFUSED vs 10 NOTZONE
Both DNS 5 (REFUSED) and 10 (NOTZONE) belong to the DNS Response Codes (RCODEs) category. 5 indicates that query refused. The name server refuses to perform the requested operation for policy reasons. Meanwhile, 10 means that name not contained in zone. A name used in the Prerequisite or Update section is not within the zone denoted by the Zone section.
Описание
Query refused. The name server refuses to perform the requested operation for policy reasons.
Когда вы это видите
The server rejected your query due to access control — for example, a recursive resolver that only serves its own network, or a zone transfer blocked by ACL.
Как исправить
Check the server's allow-query, allow-recursion, or allow-transfer ACLs. If you are not authorized to use this resolver, switch to a public DNS service.
Описание
Name not contained in zone. A name used in the Prerequisite or Update section is not within the zone denoted by the Zone section.
Когда вы это видите
Your dynamic update tried to modify a record that falls outside the zone specified in the update message (e.g., updating foo.example.org in the example.com zone).
Как исправить
Ensure all names in the update are within the target zone. Check for typos in the zone name or the records being updated.
Ключевые различия
DNS 5: Query refused. The name server refuses to perform the requested operation for policy reasons.
DNS 10: Name not contained in zone. A name used in the Prerequisite or Update section is not within the zone denoted by the Zone section.
You encounter 5 when the server rejected your query due to access control — for example, a recursive resolver that only serves its own network, or a zone transfer blocked by ACL.
You encounter 10 when your dynamic update tried to modify a record that falls outside the zone specified in the update message (e.g., updating foo.example.org in the example.com zone).
Когда что использовать
For 5 (REFUSED): Check the server's allow-query, allow-recursion, or allow-transfer ACLs. If you are not authorized to use this resolver, switch to a public DNS service. For 10 (NOTZONE): Ensure all names in the update are within the target zone. Check for typos in the zone name or the records being updated.