What’s the bug here? It correctly reports broken upstream DNS servers.
Ondřej
--
Ondřej Surý <ond...@sury.org> (He/Him)
> On 25. 9. 2023, at 20:09, Thomas Leuxner <t...@leuxner.net> wrote:
>
> Package: bind9
> Version: 1:9.18.19-1~deb12u1
> Severity: normal
>
> Dear Maintainer,
>
> The latest update introduces the following qname related warnings (plenty of):
>
> Sep 24 00:05:00 edi named[3799059]: DNS format error from 2a02:27aa::278#53
> resolving k5oncgnszt7szhzfce6cf5wdmi.zen.dq.spamhaus.net/NS for <unknown>:
> reply has no answer
> Sep 24 00:05:00 edi named[3799059]: success resolving
> '1.0.0.127.k5oncgnszt7szhzfce6cf5wdmi.zen.dq.spamhaus.net/A' after disabling
> qname minimization due to 'failure'
> Sep 24 00:31:24 edi named[3799059]: success resolving
> '1.0.0.127.rep.mailspike.net/A' after disabling qname minimization due to
> 'ncache nxdomain'
>
> Disabling 'qname-minimization' silences the warnings, but it certainly looks
> like an undesired side-effect of the patch.
>
> view "internal" {
> match-clients { internal_hosts; trusted_hosts; };
> minimal-responses yes;
> qname-minimization off;
> recursion yes;
> }
>
> Regards
> Thomas
