Log output questions

Darcy Kevin (FCA) kevin.darcy at fcagroup.com
Fri Aug 7 20:40:37 UTC 2015


If IPv6 were disabled, named wouldn’t even get that far, trying to use it.

I saw speculation on another forum that these messages are caused by morons using AAAA records that point to “fe80::”, possibly as a misguided attempt to thwart malware. Although that’s legal to put into DNS, it’s not a legal address at lower levels of the IPv6 protocol stack, so named is going to generate errors when it tries to use it.

The suggestion was to mark the entire IPv6 link-local range (fe80::/10) as “bogus” in named.conf, assuming one isn’t doing any unusual DNS-over-IPv6 testing that would require it. This is a more surgical and future-friendly approach than disabling IPv6 altogether.

- Kevin


From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Charles Swiger
Sent: Friday, August 07, 2015 3:55 PM
To: Dimitri Yioulos
Cc: bind-users at lists.isc.org
Subject: Re: Log output questions

On Aug 7, 2015, at 12:48 PM, Dimitri Yioulos <dyioulos at netatlantic.com> wrote:
Hello, all.

I’m pretty new to BIND, and am tasked with monitoring several BIND servers.  A script is in place that runs hourly, via cron, looking for any anomalies in named.log.  Here’s the essence of the script:

grep -i -E ': error: '|grep -i -E -v 'view external: update |view external: zone transfer|socket.c:5268: unexpected error:|connect\(fe80::#53\) 22/Invalid argument|unable to convert errno to isc_result: 92: Protocol not available|socket.c:1700: unexpected error:|errno2result.c:110: unexpected error:|22/Invalid argument|socket.c:4381: unexpected error:|socket.c:1890: unexpected error:'

Your script leads me to believe that you have IPv6 networking disabled.
Try running named with -4 flag or get IPv6 working.


06-Aug-2015 09:29:01.616 general: error: zone somedomain.com/IN/internal: has 0 SOA records

That usually means you've set up a zone and the SOA record doesn't match or is otherwise invalid.
See what "named-checkzone somedomain.com" says.

Regards,
--
-Chuck
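
An added example, not part of the original thread: the hourly noise filter with its exclusions matched as fixed strings, so characters such as "(", ")" and "." need no escaping, plus a check showing that an unescaped connect(fe80::#53) pattern under grep -E never matches the literal log text. The function names and all sample log lines except the SOA line are constructed for illustration.

```shell
#!/bin/sh
# Known-noise exclusions from the script quoted in the thread, one per line
# (trailing space on the first pattern dropped). No blank lines: an empty
# pattern would match every line.
NOISE='view external: update
view external: zone transfer
socket.c:5268: unexpected error:
connect(fe80::#53) 22/Invalid argument
unable to convert errno to isc_result: 92: Protocol not available
socket.c:1700: unexpected error:
errno2result.c:110: unexpected error:
22/Invalid argument
socket.c:4381: unexpected error:
socket.c:1890: unexpected error:'

# stdin: named.log lines. stdout: error lines that are not known noise.
# grep exits 1 when it selects nothing; treat that as success, keep exit 2.
filter_named_errors() {
    grep -i -F ': error: ' | grep -i -F -v -e "$NOISE" || [ $? -eq 1 ]
}

# Constructed sample input; only the first line appears in the thread.
sample_log() {
    cat <<'EOF'
06-Aug-2015 09:29:01.616 general: error: zone somedomain.com/IN/internal: has 0 SOA records
06-Aug-2015 09:29:02.100 general: error: socket.c:5268: unexpected error:
06-Aug-2015 09:29:02.100 general: error: connect(fe80::#53) 22/Invalid argument
06-Aug-2015 09:29:03.000 general: info: zone example.test/IN/internal: loaded serial 1
EOF
}

# Count sample lines matched by the unescaped connect() pattern.
# $1 is the grep mode: -E (parentheses form a group) or -F (literal text).
connect_hits() {
    sample_log | grep -c "$1" -e 'connect(fe80::#53) 22/Invalid argument' || [ $? -eq 1 ]
}

# Stand-alone run: print what would be alerted on, then the two match counts.
sample_log | filter_named_errors
echo "ERE hits: $(connect_hits -E), fixed-string hits: $(connect_hits -F)"
```

In a cron job the function would read the real log, for example `filter_named_errors < named.log`.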
