Bug 194010 - Do not debug the internet DNS infrastructure by default
Summary: Do not debug the internet DNS infrastructure by default
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: bind
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jason Vas Dias
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-06-04 14:38 UTC by Nicolas Mailhot
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2006-06-05 17:24:24 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Nicolas Mailhot 2006-06-04 14:38:24 UTC
Description of problem:

So I've just installed a local DNS for my private LAN, then watched in horror as
my syslog started overfilling with screenfulls of FORMERR errors

After investigating it seems
1. these are not blocking
2. the errors are on the external DNSes I use as forwarders (and I don't control
them)
3. they main purpose seem to show how broken previous versions of bind (and
non-bind DNS servers) are. Thank you bind developpers for educating me!

Since none of it should be of any concern for anyone setting its own DNS, I
propose to add :

//Uncomment if you wish to debug the internet DNS infrastructure
logging {
        category lame-servers { null; };
};

to the default Fedora named.conf

All this on bind-9.3.2-23.FC6

Comment 1 Jason Vas Dias 2006-06-05 17:24:24 UTC
Well, I'm sorry your installation seems to be using broken external DNS servers,
but people ought to be able to rely on named informing them of potential
problems with the FORMERR / lame-server messages. If people decide these issues
are not a problem for them or they have no control over the broken servers, 
then they can easily disable the log message generation as you have done - but
I do not agree that these messages should be disabled by default. Indeed, the
bind  package by itself provides no default configuration - for that, you need 
to install bind-config, which provides a configuration for a caching nameserver
- so it would not be possible or desireable to disable these log messages in 
the default bind configuration.

Comment 2 Nicolas Mailhot 2006-06-05 17:36:00 UTC
"Easily" is a big word.

It was *not* easy to find how to disable them and the internet is littered with
messages of people loosing far too much time on what these messages are and are
they dangerous and so on (usually not getting to the disable step). Just google
for FORMERR and have some fun with people getting in panic mode

Please at least include the commented out block in the default fedora config


Note You need to log in before you can comment on or make changes to this bug.