Red Hat Bugzilla – Bug 194010
Do not debug the internet DNS infrastructure by default
Last modified: 2007-11-30 17:11:34 EST
Description of problem: So I've just installed a local DNS for my private LAN, then watched in horror as my syslog started overfilling with screenfulls of FORMERR errors After investigating it seems 1. these are not blocking 2. the errors are on the external DNSes I use as forwarders (and I don't control them) 3. they main purpose seem to show how broken previous versions of bind (and non-bind DNS servers) are. Thank you bind developpers for educating me! Since none of it should be of any concern for anyone setting its own DNS, I propose to add : //Uncomment if you wish to debug the internet DNS infrastructure logging { category lame-servers { null; }; }; to the default Fedora named.conf All this on bind-9.3.2-23.FC6
Well, I'm sorry your installation seems to be using broken external DNS servers, but people ought to be able to rely on named informing them of potential problems with the FORMERR / lame-server messages. If people decide these issues are not a problem for them or they have no control over the broken servers, then they can easily disable the log message generation as you have done - but I do not agree that these messages should be disabled by default. Indeed, the bind package by itself provides no default configuration - for that, you need to install bind-config, which provides a configuration for a caching nameserver - so it would not be possible or desireable to disable these log messages in the default bind configuration.
"Easily" is a big word. It was *not* easy to find how to disable them and the internet is littered with messages of people loosing far too much time on what these messages are and are they dangerous and so on (usually not getting to the disable step). Just google for FORMERR and have some fun with people getting in panic mode Please at least include the commented out block in the default fedora config