getting edns disabling message in logs

Tony Finch dot at
Tue Jul 3 13:57:52 UTC 2012

Ben <benjo11111 at> wrote:
> We run bind as caching only dns server for our customers. In logs, i can
> see so many entries which tells
> success resolving 'x.y.z/A' (in '.'?) after disabling EDNS
> How to check that current bind installation has EDNS enabled or ?
> what could be reason behind it?

BIND has EDNS enabled by default. These log messages indicate that BIND is
trying and failing to make EDNS queries. This is usually caused by a
misconfigured firewall between the name server and the rest of the

f.anthony.n.finch  <dot at>
FitzRoy: Southwesterly veering northwesterly 4 or 5, occasionally 6 later in
northwest. Moderate, becoming rough in northwest. Rain then showers. Moderate
or good, occasionally poor at first in north.

More information about the bind-users mailing list