website IP, Deviant Art

Sorry for the problem with the website. Seems my DNS Provider decided to do a rollback and the old IP was active for dopefish.de (www.dopefish.de still worked). Both DNS entries now point to the new IP again.

In my last posting I forgot to mention I set up an account over at Deviant Art where I am posting pictures of mine I actually find worthwhile looking at. Not that I find the rest of my pictures outright bad, but they are more average and sorted by events/vacations. The ones I post at Deviant Art are pictures I find are above (my) average and worth the time to have a look. Currently not too many, but the collection will hopefully grow.

(E)DNS – Bind logging errors

Anyone that has upgraded Bind recently is probably wondering where all those EDNS error messages are suddenly coming from. Well, since I’d rather fix a problem than set up an ignore rule for tiger, I did some digging and found out this much:
EDNS is an extension to “normal” DNS and has been around for some time. The most common reason these error messages are triggered is a firewall that drops DNS messages it thinks are too big (> 512 bytes). If this is happening on “your end”, then the best solution is simply to fix the firewall. If it is happening on the other end, or if it is something more obscure like a firewall blocking fragmented NAT packets, then you might be better off just disabling the logging for this situation. On my system /etc/bind/named.conf.local is included by named.conf (this saves me any hassle when updating Bind via the distribution's packages, since all my changes are in a separate file).

/etc/bind/named.conf.local
logging {
    category lame-servers { null; };
    category edns-disabled { null; };
};

This turns off logging for edns-disabled and lame-server messages, so you can concentrate on the more important logging messages 😉
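Before silencing the category, it helps to see which zones are triggering the EDNS fallback. The following is an added example, not part of the original post: it counts edns-disabled messages per zone in constructed sample log lines. The `likely_side` heuristic and its threshold are assumptions, not a Bind feature.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not from the original post). The message
# text follows what Bind writes to the edns-disabled and lame-servers categories.
SAMPLE_LOG = """\
Mar  1 10:00:01 ns1 named[812]: success resolving 'www.example.com/A' (in 'example.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar  1 10:00:07 ns1 named[812]: success resolving 'mail.example.com/MX' (in 'example.com'?) after disabling EDNS
Mar  1 10:01:12 ns1 named[812]: success resolving 'example.net/DNSKEY' (in 'example.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar  1 10:02:30 ns1 named[812]: lame server resolving 'broken.example.org' (in 'example.org'?): 192.0.2.53#53
Mar  1 10:03:44 ns1 named[812]: success resolving 'ftp.example.com/AAAA' (in 'example.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
"""

# Matches both edns-disabled variants; the zone is the "(in '...'?)" part.
EDNS_RE = re.compile(
    r"success resolving '(?P<query>[^']+)' "
    r"\(in '(?P<zone>[^']+)'\?\) after (?P<reason>.+)$"
)

def summarize(log_text):
    """Return {zone: {"reduced": n, "disabled": n}} for edns-disabled messages."""
    zones = defaultdict(lambda: {"reduced": 0, "disabled": 0})
    for line in log_text.splitlines():
        m = EDNS_RE.search(line)
        if not m:
            continue  # lame-server and unrelated lines are skipped
        reason = m.group("reason")
        if reason.startswith("reducing the advertised EDNS UDP packet size"):
            zones[m.group("zone")]["reduced"] += 1
        elif reason.startswith("disabling EDNS"):
            zones[m.group("zone")]["disabled"] += 1
    return dict(zones)

def likely_side(summary, zone_threshold=10):
    """Assumed heuristic: fallbacks across many zones point at the local
    firewall/path; fallbacks for only a few zones point at the remote end."""
    return "local" if len(summary) >= zone_threshold else "remote"

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for zone, counts in sorted(result.items()):
        print(f"{zone}: {counts['reduced']} size reductions, "
              f"{counts['disabled']} EDNS disables")
    print("fallbacks look", likely_side(result))
```

To run it against real data, pass the contents of the file your syslog writes named messages to into `summarize()` instead of `SAMPLE_LOG`.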