RE: Log output questions

Darcy Kevin (FCA) Fri, 07 Aug 2015 13:42:13 -0700

If IPv6 were disabled, named wouldn’t even get that far, trying to use it.


I saw speculation on another forum that these messages are caused by morons 
using AAAA records that point to “fe80::”, possibly as a misguided attempt to 
thwart malware. Although that’s legal to put into DNS, it’s not a legal address 
at lower levels of the IPv6 protocol stack, so named is going to generate 
errors when it tries to use it.

The suggestion was to mark the entire IPv6 link-local range (fe80::/10) as 
“bogus” in named.conf, assuming one isn’t doing any unusual DNS-over-IPv6 
testing that would require it. This is a more surgical and future-friendly 
approach than disabling IPv6 altogether.

                                                                                
                                                                                
                                - Kevin


From: [email protected] 
[mailto:[email protected]] On Behalf Of Charles Swiger
Sent: Friday, August 07, 2015 3:55 PM
To: Dimitri Yioulos
Cc: [email protected]
Subject: Re: Log output questions

On Aug 7, 2015, at 12:48 PM, Dimitri Yioulos 
<[email protected]<mailto:[email protected]>> wrote:
Hello, all.

I’m pretty new to BIND, and am tasked with monitoring several BIND server.  A 
script is in place that runs hourly, via cron, looking for any anomalies in 
named.log.  Here’s the essence of the script:

grep -i -E ': error: '|grep -i -E -v 'view external: update |view external: 
zone transfer|socket.c:5268: unexpected error:|connect(fe80::#53) 22/Invalid 
argument|unable to convert errno to isc_result: 92: Protocol not 
available|socket.c:1700: unexpected error:|errno2result.c:110: unexpected 
error:|22/Invalid argument|socket.c:4381: unexpected error:|socket.c:1890: 
unexpected error:'

Your script leads me to believe that you have IPv6 networking disabled.
Try running named with -4 flag or get IPv6 working.


06-Aug-2015 09:29:01.616 general: error: zone 
somedomain.com/IN/internal:<http://somedomain.com/IN/internal:> has 0 SOA 
records

That usually means you've setup a zone and the SOA record doesn't match or is 
otherwise invalid.
See what "named-checkzone somedomain.com<http://somedomain.com>" says.

Regards,
--
-Chuck

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users

RE: Log output questions

Reply via email to