Latest BIND: Error "rpz_rewrite_name: mismatched summary data; continuing"

Tony Finch dot at dotat.at
Wed Aug 31 13:05:29 UTC 2016


Tom <tomtux007 at gmail.com> wrote:
>
> I have a bind-setup with activated response-policy-zones. For *each*
> client-forward-query, which has a valid dns-response, I got an error in the
> client-log (for NXDOMAIN-Reponses, I didn't have such errors... ex. "dig
> @nameserver aasledkfjasdlkfjsadlf.asdlfkjsadlfkjasdjflk"):

There's a comment before this error message saying:

	/*
	 * Continue after a policy record that is missing
	 * contrary to the summary data.  The summary
	 * data can out of date during races with and among
	 * policy zone updates.
	 */

Spamhaus RPZ updates frequently, which might be related to your problem.
However I would not expect an update race to cause a complaint for every
query...

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Viking, North Utsire: Southerly or southwesterly 5 to 7. Moderate,
occasionally rough. Rain or showers. Good, occasionally moderate.


More information about the bind-users mailing list