The DNS logging always logs database error every time it access the ldap. even though the query returns okay and the dns reply is fine.
here is an excerpt of the log named.run
24-Oct-2010 10:32:33.025 edns-disabled: info: success resolving 'www.mailscanner.tv/A' (in 'mailscanner.tv'?) after reducing the advertised EDNS UDP packet size to 512 octets 24-Oct-2010 10:34:41.137 database: error: querying 'idnsName=wpad, idnsname=uzdomain.ca,cn=dns,dc=uzdomain,dc=ca' with '(objectClass=idnsRecord)' 24-Oct-2010 10:34:41.140 database: error: querying 'idnsname=uzdomain.ca,cn=dns,dc=uzdomain,dc=ca' with '(objectClass=idnsRecord)' 24-Oct-2010 10:34:41.143 database: error: entry count: 1 24-Oct-2010 10:34:41.146 database: error: querying 'idnsName=wpad, idnsname=uzdomain.ca,cn=dns,dc=uzdomain,dc=ca' with '(objectClass=idnsRecord)' 24-Oct-2010 10:39:43.581 database: error: querying 'idnsName=wpad, idnsname=uzdomain.ca,cn=dns,dc=uzdomain,dc=ca' with '(objectClass=idnsRecord)' 24-Oct-2010 10:39:43.583 database: error: querying 'idnsname=uzdomain.ca,cn=dns,dc=uzdomain,dc=ca' with '(objectClass=idnsRecord)' 24-Oct-2010 10:39:43.586 database: error: entry count: 1 24-Oct-2010 10:39:43.589 database: error: querying 'idnsName=wpad, idnsname=uzdomain.ca,cn=dns,dc=uzdomain,dc=ca' with '(objectClass=idnsRecord)' }} here is our logging configuration // ******************* // Logging definitions // ******************* // Logging logging { channel "named_log" { file "data/log/named.run" versions 5 size 4m; severity dynamic; print-category yes; print-severity yes; print-time yes; }; channel "security_log" { file "data/log/security.log" versions 5 size 10m; severity dynamic; print-category yes; print-severity yes; print-time yes; }; channel "query_log" { file "data/log/query.log" versions 5 size 50m; #severity dynamic; severity debug; print-category yes; print-severity yes; print-time yes; }; channel "transfer_log" { file "data/log/transfer.log" versions 5 size 10m; severity dynamic; print-category yes; print-severity yes; }; category "default" { "named_log"; "default_syslog"; "default_debug"; }; category "general" { "named_log"; }; category "queries" { "query_log"; }; category "lame-servers" { null; }; category "security" { "security_log"; }; category "config" { "named_log"; }; category "resolver" { "query_log"; }; category "xfer-in" { "transfer_log"; }; category "xfer-out" { "transfer_log"; }; category "notify" { "transfer_log"; }; category "client" { "query_log"; }; category "network" { "named_log"; }; category "update" { "transfer_log"; }; category "dnssec" { "security_log"; }; category "dispatch" { "security_log"; }; };
This error message keeps triggering our monitoring systems.
I can't reproduce this but it looks like the log levels that bind-dyndb-ldap use don't map to the ISC log levels.
I opened bug https://bugzilla.redhat.com/show_bug.cgi?id=656454 against this.
Fixed in bind-dyndb-ldap-0.2.0-1.fc14
Metadata Update from @dpal: - Issue assigned to rcritten - Issue set to the milestone: FreeIPA 2.0 - 2011/01 (cleanup)
Login to comment on this ticket.