What can I do to prevent BIND from outputting these logs

domain-name-system debian bind
5,239

Try to check if it's on your end that something is causing problems with DNS packets that are >512 bytes. This should not be the case but there are firewalls that incorrectly do not allow this.

If the problem does not consistently occur with large packets but only happens with some specific remote servers it would seem that the problem is outside your control.

There are the edns-udp-size (this specifies the largest packet you advertise that you can receive) and max-udp-size (this specifies the largest packet you will send) options. Both default to 4096. Lowering these will increase the likelyhood of truncated responses and fallback to TCP in their respective directions (one is more relevant for recursion, the other for authoritative).

However, it only really makes sense to change these settings if the problem is on your own end rather than if you have just run into some random remote server that has a problem. On the other hand, if the problem is on your end the best solution would typically be to fix the network device that causes the problem rather than configuring bind to limit the packet size.

Share:
5,239

Related videos on Youtube

lacrosse1991
Author by

lacrosse1991

Updated on September 18, 2022

Comments

  • lacrosse1991
    lacrosse1991 almost 2 years

    I recently noticed that BIND has been producing a large amount of logs in /var/syslog relating to one particular server (ezdns)

    Jun  3 03:29:24 overlook named[6586]: success resolving 'ns0.ezdns.tf/AAAA' (in 'ezdns.tf'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:25 overlook named[6586]: success resolving 'ns4.ezdns.tf/A' (in 'ezdns.tf'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:25 overlook named[6586]: success resolving 'ns4.ezdns.tf/AAAA' (in 'ezdns.tf'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:25 overlook named[6586]: success resolving 'ns2.ezdns.tf/A' (in 'ezdns.tf'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:25 overlook named[6586]: success resolving 'ns2.ezdns.tf/AAAA' (in 'ezdns.tf'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:25 overlook named[6586]: success resolving 'ns5.ezdns.tf/A' (in 'ezdns.tf'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:25 overlook named[6586]: success resolving 'ns5.ezdns.tf/AAAA' (in 'ezdns.tf'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:25 overlook named[6586]: success resolving 'ns5.ezdns.ms/A' (in 'ezdns.ms'?) after disabling EDNS
Jun  3 03:29:25 overlook named[6586]: success resolving 'ns0.ezdns.pm/AAAA' (in 'ezdns.pm'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:26 overlook named[6586]: success resolving 'ns3.ezdns.yt/AAAA' (in 'ezdns.yt'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:26 overlook named[6586]: success resolving 'ns1.ezdns.pl/A' (in 'ezdns.pl'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:27 overlook named[6586]: success resolving 'ns0.ezdns.it/AAAA' (in 'ezdns.it'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:27 overlook named[6586]: success resolving 'ns1.ezdns.la/AAAA' (in 'ezdns.la'?) after disabling EDNS
Jun  3 03:29:27 overlook named[6586]: success resolving 'ns0.ezdns.yt/AAAA' (in 'ezdns.yt'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:28 overlook named[6586]: success resolving 'ns0.ezdns.sx/AAAA' (in 'ezdns.sx'?) after reducing the advertised EDNS UDP packet size to 512 octets
Jun  3 03:29:29 overlook named[6586]: success resolving 'ns5.ezdns.ms/AAAA' (in 'ezdns.ms'?) after disabling EDNS
Jun  3 03:29:29 overlook named[6586]: success resolving 'ns2.ezdns.pl/A' (in 'ezdns.pl'?) after disabling EDNS
Jun  3 03:29:30 overlook named[6586]: success resolving 'ns0.ezdns.sx/AAAA' (in 'ezdns.sx'?) after disabling EDNS
Jun  3 03:29:30 overlook named[6586]: success resolving 'ns0.ezdns.yt/AAAA' (in 'ezdns.yt'?) after disabling EDNS
Jun  3 03:29:31 overlook named[6586]: success resolving 'ns0.ezdns.ms/AAAA' (in 'ezdns.ms'?) after disabling EDNS
Jun  3 03:29:33 overlook named[6586]: success resolving 'ns0.ezdns.ms/AAAA' (in 'ezdns.ms'?) after disabling EDNS

    What can I do to prevent these logs from appearing? Why would this server be the only server that is causing BIND to produce these logs?

    I've search around google and have found a few different solutions for hiding these logs, but I would like to know why this one server is so troublesome

    • lacrosse1991
      lacrosse1991 about 10 years
      @FredtheMagicWonderDog Hello, sorry about that. Had been concerned that the log excerpt was too large of an amount of text (thought that people would complain). I've updated the question with the actual text
    • lacrosse1991
      lacrosse1991 about 10 years
      @HåkanLindqvist Hello, I've updated the question with the actual text. How did you extract the text from that picture by the way? (in the edit that you had made)
    • Håkan Lindqvist
      Håkan Lindqvist about 10 years
      @lacrosse1991 OCR

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

configure BIND DNS on debian
Setting up a DNS name server for a mass virtual host with Bind9
Why BIND does not use the forwarders any more?
How to configure bind9 to accept connections from other machines
Configure BIND to be a simple forwarder (no root-servers queries)
named the working directory is not writable
Using sub-subdomains with bind
Bind9 minimal zone configuration seems not working
view external: query (cache) denied on bind9/named
dns bind not working nslookup gives servfail