reason for "expected covering NSEC3, got an exact match" ?
Gilles Massen
gilles.massen at restena.lu
Tue Jul 13 14:06:23 UTC 2010
Kalman Feher wrote:
> Ok now I see it.
> The response appears ok, but the log entry is odd. I see the same on my test
> box (9.7.1 not patched to P1 yet).
I saw this on earlier 9.7 as well.
> A brief thread on this occurred earlier
> in the year (archived here):
> http://newsgroups.derkeiler.com/Archive/Comp/comp.protocols.dns.bind/2010-03
> /msg00282.html
I saw this as well, but it doesn't give an explanation on why Bind logs
this, because the requested data does not exist in the zone.
However, while digging a bit in the source, I wondered if bind was not
confused because during the lookup of the NSEC3 record it found data
synthesized by the wildcard, when no data was expected. If that's the
case it's a very minor bug, but I'm not good in reading source code...
Gilles
--
Fondation RESTENA - DNS-LU
6, rue Coudenhove-Kalergi
L-1359 Luxembourg
tel: (+352) 424409
fax: (+352) 422473
More information about the bind-users
mailing list