dynamic updates category

Mark_Andrews at isc.org Mark_Andrews at isc.org
Thu Jun 13 03:49:17 UTC 2002


> Again we see someone frustrated by the fact that failed updates are
> classed as a security event, and logged with all other security events.
> Several folks have argued here that the logging of failed updates, while
> documented, is confusing and counterintuitive. In particular, the fact
> that there is an 'update' category, described in the manual as logging
> dynamic update events, that does not catch *failed* update events seems
> to trip up an awful lot of people. Is the actual behaviour documented?
> Sure. Is it confusing? Yes.
> 
> In April, on the NANOG list, Paul stated in plain English that "if there
> was demand, ISC would make a specific category called 'failed-updates'".
> It would seem that there is demand. Yet the last time this question was
> brought up here, the silence from the ISC and from Nominum was
> deafening. So... What is the ISC's official position on this? Does the
> ISC consider that there is no demand? Was Paul blowing smoke? Has no one
> made an Officially Blessed Feature Request?
> 
> -Pete

	BIND 9.3 will have an "update-security" category.

	That being said, all this will do is hide the problem, not
	fix it.  The fix is to disable the updates in the clients
	which will not only silence the logs but stop all the other
	wastage caused by the unwanted update requests.

	Personally I find "grep -v" works well to get rid of the
	noise.

	Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org
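
The following is an added example, not part of the original message or of BIND itself. It applies the "grep -v" filter mentioned above to the security log and also tallies denied updates per client, so the clients that need dynamic updates disabled can be identified. The log lines are constructed samples, and the `client <addr>#<port>: update '<zone>' denied` wording is an assumption about the message format.

```shell
#!/bin/sh
# Constructed sample log lines (syslog style); not taken from a real server.
sample_log() {
cat <<'EOF'
Jun 13 03:40:01 ns1 named[412]: client 192.0.2.10#1045: update 'example.com/IN' denied
Jun 13 03:40:02 ns1 named[412]: client 192.0.2.11#1189: update 'example.com/IN' denied
Jun 13 03:40:05 ns1 named[412]: client 198.51.100.7#53211: zone transfer 'example.com/IN' denied
Jun 13 03:41:12 ns1 named[412]: client 192.0.2.10#1046: update 'example.com/IN' denied
Jun 13 03:42:30 ns1 named[412]: client 192.0.2.10#1047: update '2.0.192.in-addr.arpa/IN' denied
EOF
}

# Pattern for a refused dynamic update (assumed message wording).
DENIED_UPDATE="client [^ ]*: update '[^']*' denied"

# The "grep -v" approach: security log with denied-update lines removed,
# so the remaining security events are not buried.
other_security_events() {
    grep -v "$DENIED_UPDATE"
}

# Per-client tally of denied updates, busiest first: "<count> <address>".
# These are the hosts whose update requests should be turned off.
denied_update_clients() {
    grep "$DENIED_UPDATE" |
        sed -e "s/.*client \([^ #]*\)#[0-9]*: update .*/\1/" |
        sort | uniq -c | sort -rn |
        awk '{ print $1, $2 }'
}

echo "Clients sending refused updates:"
sample_log | denied_update_clients
echo "Remaining security events:"
sample_log | other_security_events
```

On a real server, replace `sample_log` with the file that receives the security category.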

