Latest BIND: Error "rpz_rewrite_name: mismatched summary data; continuing"
Tom
tomtux007 at gmail.com
Tue Sep 6 05:37:50 UTC 2016
Is there a workaround/configuration-directive not to log every request
with this "error"? One way would be using BIND 9.9.9-P2 (because this
code was added in 9.10.x...), but I would prefer 9.10.x.
Kind regards,
Tom
On 08/31/2016 03:05 PM, Tony Finch wrote:
> Tom <tomtux007 at gmail.com> wrote:
>> I have a bind-setup with activated response-policy-zones. For *each*
>> client-forward-query, which has a valid dns-response, I got an error in the
>> client-log (for NXDOMAIN-Reponses, I didn't have such errors... ex. "dig
>> @nameserver aasledkfjasdlkfjsadlf.asdlfkjsadlfkjasdjflk"):
> There's a comment before this error message saying:
>
> /*
> * Continue after a policy record that is missing
> * contrary to the summary data. The summary
> * data can out of date during races with and among
> * policy zone updates.
> */
>
> Spamhaus RPZ updates frequently, which might be related to your problem.
> However I would not expect an update race to cause a complaint for every
> query...
>
> Tony.
More information about the bind-users
mailing list