[dns-operations] [Ext] Nameserver responses from different IP than destination of request
Mark Andrews
marka at isc.org
Tue Sep 1 21:44:53 UTC 2020
BIND 9 isn’t setup to log these. They will fall under the stats counter mismatch but that also captures (some) duplicate responses and late responses.
This filters out is/address pairs that named is not expecting. The question section is tested later.
Dig will report these so you can test servers that you believe are broken.
--
Mark Andrews
> On 2 Sep 2020, at 05:25, Andreas Ott <andreas at naund.org> wrote:
>
>
>
>
>> On Mon, Aug 31, 2020 at 8:00 PM P Vixie <paul at redbarn.org> wrote:
>> [...] the observation that something
>> bad is not happening to somebody doesn't mean it's not happening to anybody.
>
> May I please ask an operational question to experts: though I am only running a small number of authoritative and recursive servers, I am coming up short looking up what logging I need to turn on in BIND 9.16 and what logged strings I need to parse out to see responses coming from a different IP? I have various log channels enabled per the BIND logging "FAQ" but either I am missing config bits or the problem does not occur (on my servers). This is in a network lab setup and I am able to share data.
>
> Thanks, andreas
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200902/3fbeb6bd/attachment.html>
More information about the dns-operations
mailing list