[dns-operations] Cname errors?

Shane Kerr shane at time-travellers.org
Wed Sep 30 14:31:10 UTC 2015


[ I realize that this is probably a conversation that should happen on
  the bind-hackers list and not dns-operations, but I'll follow up here
  anyway. Apologies for the noise. ]

On 2015-09-29 08:46-0700
Paul Vixie <paul at redbarn.org> wrote:

> > Are these messages caused by a local misconfiguration? If not, then I
> > hope the message is off by default.
> >
> > Filling logs with messages about things that the administrator can't do
> > anything about seems like a bad idea (see also "lame delegation
> > warnings").
> since each message corresponds to an outbound SERVFAIL, it's reasonable
> to log it by default.

I may misunderstand the message, but it seems like something that gets
logged by a resolver when someone has configured their zone improperly
on the authority side. (Apologies if I misunderstand the message!)

If this is the case, then it should be off by default. I'll say it
again: filling my logs with something that I can't fix seems like a big
waste of everybody's time.

I admit that this might be a useful option for people with
sophisticated logging facilities, as it could provide input for a help
desk in resolving a user issue. But those people are surely clueful
enough to enable it along with every other bit of logging provided by
any tool they run. :)

Also, Mark's regarding characterization of this being disabled as a bug
because it was on in BIND 8... given that BIND 8 was EOL'd more than 8
years ago I don't think we need to consider behavior changes from BIND
8 as a bug anymore. Probably any differences should be considered

But perhaps BIND 9 should add the "--internet-busybody" option for
people who have time to go around letting other administrators know
that the network is not configured to their liking? ;)



More information about the dns-operations mailing list