Problem with firewall
Ivan
ivanp at inlinea.it
Wed Aug 23 12:20:35 UTC 2000
I've just set up our new DNS with BIND 8.2.2P5 on a Redhat 6.2. The
DNS-Server works fine, but I saw something strange in the logfile of our
firewall.
It continuously gives me this packets, about 4 in a minute.
What do I have to do?
Packet 1: 00:E0:B6:01:7A:80 -> 00:20:AF:F3:35:34
Network: Ethernet
Frame type: 802.3, Frame size: 482
Time: 16h:56m 06.842sec
IP, 202.12.27.33 -> 192.168.200.1
Source IP: 202.12.27.33, Destination IP: 192.168.200.1
Version: 04, IP header length: 05 (32 bit words)
Service type: 0: Precedence: 0, Delay: Norm, Throug: Norm, Reliab:
Norm
Total IP length: 464
ID: B37Fh
Fragments: No
Time to live: 47
PROTOCOL: [17] UDP
Header checksum: 68C6 (GOOD)
UDP, [53] -> [1034]
Source port: [53] dns, Destination port: [1034]
UDP length: 444, Checksum: 4377h (GOOD)
DNS Section 0: 436 bytes
Identification: 0x6715
Flags: 0x8400
Bits 0 to 3 : No error
Bits 4 to 6 : These three bits must be zero
Bit 7 : Recursion not available
Bit 8 : Recursion not desired
Bit 9 : Not truncated: reply returned in full
Bit 10 : Authorative answer: True
Bits 11 to 14: Standard Query
Bit 15 : Message is a response
Number of question records: 1
Number of answer records: 13
Number of authority records: 0
Number of additional records: 13
Question Records
Question Record 1:
Type: Name server
Query class: IP address
Answer records
Answer record 1:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 20 bytes
Resource Data: M.ROOT-SERVERS.NET
Answer record 2:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: I.ROOT-SERVERS.NET (Pointer record)
Answer record 3:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: E.ROOT-SERVERS.NET (Pointer record)
Answer record 4:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: D.ROOT-SERVERS.NET (Pointer record)
Answer record 5:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: A.ROOT-SERVERS.NET (Pointer record)
Answer record 6:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: H.ROOT-SERVERS.NET (Pointer record)
Answer record 7:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: C.ROOT-SERVERS.NET (Pointer record)
Answer record 8:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: G.ROOT-SERVERS.NET (Pointer record)
Answer record 9:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: F.ROOT-SERVERS.NET (Pointer record)
Answer record 10:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: B.ROOT-SERVERS.NET (Pointer record)
Answer record 11:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: J.ROOT-SERVERS.NET (Pointer record)
Answer record 12:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: K.ROOT-SERVERS.NET (Pointer record)
Answer record 13:
Type: 2, Name server
Class: 1; IP address
Time to live: 518400 seconds
Resource data length: 4 bytes
Resource Data: L.ROOT-SERVERS.NET (Pointer record)
Additional records
Additional record 1: M.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 202.12.27.33
Additional record 2: I.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 192.36.148.17
Additional record 3: E.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 192.203.230.10
Additional record 4: D.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 128.8.10.90
Additional record 5: A.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 198.41.0.4
Additional record 6: H.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 128.63.2.53
Additional record 7: C.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 192.33.4.12
Additional record 8: G.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 192.112.36.4
Additional record 9: F.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 192.5.5.241
Additional record 10: B.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 128.9.0.107
Additional record 11: J.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 198.41.0.10
Additional record 12: K.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 193.0.14.129
Additional record 13: L.ROOT-SERVERS.NET (Pointer record)
Type: 1, IP address
Class: 1; IP address
Time to live: 3600000 seconds
Resource data length: 4 bytes
Resource Data: 198.32.64.12
RAW PACKET LISTING:
0000 00 20 AF F3 35 34 00 E0 B6 01 7A 80 08 00 45 00 . ¯ó54.à¶.z..E.
0010 01 D0 B3 7F 00 00 2F 11 68 C6 CA 0C 1B 21 C0 A8 .г../.hÆÊ..!À¨
0020 C8 01 00 35 04 0A 01 BC 43 77 67 15 84 00 00 01 È..5...¼Cwg....
0030 00 0D 00 00 00 0D 00 00 02 00 01 00 00 02 00 01 ................
0040 00 07 E9 00 00 14 01 4D 0C 52 4F 4F 54 2D 53 45 ..é....M.ROOT-SE
0050 52 56 45 52 53 03 4E 45 54 00 00 00 02 00 01 00 RVERS.NET.......
0060 07 E9 00 00 04 01 49 C0 1E 00 00 02 00 01 00 07 .é....IÀ........
0070 E9 00 00 04 01 45 C0 1E 00 00 02 00 01 00 07 E9 é....EÀ........é
0080 00 00 04 01 44 C0 1E 00 00 02 00 01 00 07 E9 00 ....DÀ........é.
0090 00 04 01 41 C0 1E 00 00 02 00 01 00 07 E9 00 00 ...AÀ........é..
00A0 04 01 48 C0 1E 00 00 02 00 01 00 07 E9 00 00 04 ..HÀ........é...
00B0 01 43 C0 1E 00 00 02 00 01 00 07 E9 00 00 04 01 .CÀ........é....
00C0 47 C0 1E 00 00 02 00 01 00 07 E9 00 00 04 01 46 GÀ........é....F
00D0 C0 1E 00 00 02 00 01 00 07 E9 00 00 04 01 42 C0 À........é....BÀ
00E0 1E 00 00 02 00 01 00 07 E9 00 00 04 01 4A C0 1E ........é....JÀ.
00F0 00 00 02 00 01 00 07 E9 00 00 04 01 4B C0 1E 00 .......é....KÀ..
0100 00 02 00 01 00 07 E9 00 00 04 01 4C C0 1E C0 1C ......é....LÀ.À.
0110 00 01 00 01 00 36 EE 80 00 04 CA 0C 1B 21 C0 3B .....6î..Ê..!À;
0120 00 01 00 01 00 36 EE 80 00 04 C0 24 94 11 C0 4A .....6î..À$.ÀJ
0130 00 01 00 01 00 36 EE 80 00 04 C0 CB E6 0A C0 59 .....6î..ÀËæ.ÀY
0140 00 01 00 01 00 36 EE 80 00 04 80 08 0A 5A C0 68 .....6î....ZÀh
0150 00 01 00 01 00 36 EE 80 00 04 C6 29 00 04 C0 77 .....6î..Æ)..Àw
0160 00 01 00 01 00 36 EE 80 00 04 80 3F 02 35 C0 86 .....6î..?.5À
0170 00 01 00 01 00 36 EE 80 00 04 C0 21 04 0C C0 95 .....6î..À!..À
0180 00 01 00 01 00 36 EE 80 00 04 C0 70 24 04 C0 A4 .....6î..Àp$.À¤
0190 00 01 00 01 00 36 EE 80 00 04 C0 05 05 F1 C0 B3 .....6î..À..ñÀ³
01A0 00 01 00 01 00 36 EE 80 00 04 80 09 00 6B C0 C2 .....6î....kÀÂ
01B0 00 01 00 01 00 36 EE 80 00 04 C6 29 00 0A C0 D1 .....6î..Æ)..ÀÑ
01C0 00 01 00 01 00 36 EE 80 00 04 C1 00 0E 81 C0 E0 .....6î..Á..Àà
01D0 00 01 00 01 00 36 EE 80 00 04 C6 20 40 0C .....6î..Æ @.Àà
---------------------------------------------------------------
---------------------------------------------------------------
More information about the bind-users
mailing list