On Tue, Nov 12, 2013 at 09:14:24AM -0500, Alan Clegg wrote: > > On Nov 12, 2013, at 12:13 AM, Crist Clark <cjc+bind-us...@pumpky.net> wrote: > > > From the initial mail: "This is BIND 9.9.2 (Infoblox 6.7.3)." > > > > No huge increase in resource usage noted. > > Has the vendor in question provided a response? > > Having worked on Frankenstein versions of BIND in the past (Hi, Redhat!), I?d > be leery of answering this question as an ?outsider?. Certainly not with an > authoritative answer.
I have an open ticket with their support. I only came to the list after not getting a lot of help. My tech seems to think the db_find() messages mean the server cannot resolve the names in question like there is a firewall or something blocking queries. But I can resolve the names when I query directly and the firewall is not blocking any DNS from the servers in question. I vaguely remember seeing something about the RPZ checks only using cached data for checks and not doing active lookups for things like NS records for performance reasons. I think it was on an ISC blog or something, not in any official manual. That's my suspicion of what db_find() failures mean. It couldn't find info in the cache. What I'd actually really like here is someone to give me a RTFM post with a pointer to the FM for RPZ error messages and algorthms if one exists. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users