NetBSD-Users archive


Re: named - a very basic question


herbert langhans <> wrote:

>- some request from anywhere in the world asks my server (straight on
>  ip 'Is the domain on ip'
>- my server (or named) answers: no - access denied, good bye.

It seems somebody asks your server: "pls tell me which IPv4 address has host" - this could usually have these sources:

 - the requester tries to use your DNS as a full DNS (like the DNS from your
   Internet provider) server, serving any DNS information within the internet
   to them and/or as a forwarding DNS

 - the requester assumes that your DNS has the authority to serve -
   the domain is delegated to your server

>Maybe I should collect the ip numbers from the logfiles and put them in
>/etc/hosts.deny. But basically I am interested what goes on there.

This makes no real sense as the source of the problem is somewhere else, plus
DNS traffic is very small. It could make sense to block on IP level if your
named eats too many resources because of them.

Usually a DNS client which did not get any answer goes away after a while.
I do not know your config nor your DNS application at all, but it may be that
your server partly serves recursing requests - (i.e. "fresh" ones but not from
local cache or vice versa) which usually is wrong, but possible to misconfigure
(if you understand what I mean here).

Use tools like dig and host and/or dnstracer to show how your named works for 
different situations and request scenarios with different target domain names / 
zones / records.



--
Niels Dettenbach
Syndicat IT&Internet
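
The dig check suggested in the reply above, as an added example that is not part of the original message: a POSIX shell function that reads dig output and reports whether the server refused the query, answered authoritatively, or answered through recursion. The function names, the sample headers and the 192.0.2.53 address are constructed for illustration.

```shell
#!/bin/sh
# Classify how a name server treated a query, from the header of dig output.
# Live use against your own server (192.0.2.53 is a placeholder address):
#   dig @192.0.2.53 example.org A | classify_dig

classify_dig() {
    # Reads dig output on stdin and prints one verdict word.
    awk '
        /->>HEADER<<-/ {        # ";; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1"
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,/, "", status) }
        }
        /^;; flags:/ {          # ";; flags: qr rd ra; QUERY: 1, ANSWER: 1, ..."
            for (i = 1; i < NF; i++)
                if ($i == "ANSWER:") answers = $(i + 1) + 0
            flags = $0
            sub(/^;; flags:/, "", flags); sub(/;.*/, "", flags)
            n = split(flags, f, " ")
            for (i = 1; i <= n; i++) { if (f[i] == "aa") aa = 1; if (f[i] == "ra") ra = 1 }
        }
        END {
            if (status == "")             print "no-response"       # timeout, nothing parsed
            else if (status == "REFUSED") print "refused"           # query denied by policy
            else if (aa)                  print "authoritative"     # zone is served here
            else if (ra && answers > 0)   print "recursive-answer"  # resolved on behalf of asker
            else                          print "other:" status
        }'
}

# Constructed dig headers (not captured from any real server).
sample_refused() {
    printf '%s\n' ';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4711' \
                  ';; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1'
}
sample_recursive() {
    printf '%s\n' ';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4712' \
                  ';; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
}
sample_authoritative() {
    printf '%s\n' ';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4713' \
                  ';; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1'
}
sample_timeout() { printf '%s\n' ';; connection timed out; no servers could be reached'; }

for s in sample_refused sample_recursive sample_authoritative sample_timeout; do
    printf '%-22s %s\n' "$s" "$($s | classify_dig)"
done
```

A "recursive-answer" verdict for a query sent from an address outside your own network is the misconfiguration the reply describes; "refused" matches the denials seen in the log.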

