Latest BIND: Error "rpz_rewrite_name: mismatched summary data; continuing"

Tony Finch dot at
Wed Aug 31 13:05:29 UTC 2016

Tom <tomtux007 at> wrote:
> I have a bind-setup with activated response-policy-zones. For *each*
> client-forward-query, which has a valid dns-response, I got an error in the
> client-log (for NXDOMAIN-Reponses, I didn't have such errors... ex. "dig
> @nameserver aasledkfjasdlkfjsadlf.asdlfkjsadlfkjasdjflk"):

There's a comment before this error message saying:

	 * Continue after a policy record that is missing
	 * contrary to the summary data.  The summary
	 * data can out of date during races with and among
	 * policy zone updates.

Spamhaus RPZ updates frequently, which might be related to your problem.
However I would not expect an update race to cause a complaint for every

