non-improving referral
Leo Baltus
Leo.Baltus at omroep.nl
Tue Oct 26 16:13:49 UTC 2010
Hi,
We are in the process of migrating from bind-9.4-ESV-R2 to bind-9.7.2-P2.
We have our authoritative servers migrated to bind-9.7.2-P2 and it all
seems to work fine.
While testing our caching resolvers with bind-9.7.2-P2 however, we
noticed some errors in our logfiles we have never seen before.
Oct 26 09:52:03 myhost named[21085]: DNS format error from 1.5.3.4#53 resolving 1.2.4.2.x.y.z.example.com/TXT for client 1.5.3.203#15637: non-improving referral
Oct 26 09:52:03 myhost named[21085]: DNS format error from 1.5.2.2#53 resolving 1.2.4.2.x.y.z.example.com/TXT for client 1.5.3.203#15637: non-improving referral
Obviously I have obscured some data here :) As you may guess this is a
query for a TXT record from a blocklist-daemon.
The nameservers on 1.5.3.4 and 1.5.2.2 are bind-9.7.2-P2.
The queried domains are hosted by us and the hopefully relevant part of
the zone looks like this:
x.y.z.example.com. IN NS bl1a.example.com.
x.y.z.example.com. IN NS bl1b.example.com.
A dump of the cache shows NS and A records are in the cache for bl1[ab]
however, on each non-cached query from the client both errorlines
are printed in the log suggesting the resolver is not using the cached
NS records.
The client receives a valid answer, so my only real problem seems to be
the amount of spam I get in our logfiles.
The blocklist is served by rbldnsd, manually query-ing gives my a
valid response.
Could anybody tell me what problem bind is complaining about?
Please CC me as I am not on this list.
--
Leo Baltus, internetbeheerder /\
NPO ICT Internet Services /NPO/\
Sumatralaan 45, 1217 GP Hilversum, Filmcentrum, west \ /\/
beheer at omroep.nl, 035-6773555 \/
More information about the bind-users
mailing list