Weird named behaviour after adding second NIC
Kevin Darcy
kcd at daimlerchrysler.com
Wed Jun 12 02:30:04 UTC 2002
fernandoronci at hotmail.com wrote:
> Hi,
>
> I'm runing BIND 4.9.7 on SCO Openserver and after having added a
> second network card to the server, syslog started logging the
> following output every time 'named' starts:
>
> Jun 11 22:25:03 server1 named[286]: starting. named 4.9.7
> Jun 11 22:25:04 server1 named[286]: primary zone "vol.com.ar" loaded
> (serial 110602)
> Jun 11 22:25:04 server1 named[286]: cache zone "" loaded (serial 0)
> Jun 11 22:25:04 server1 named[286]: primary zone
> "70.43.200.in-addr.arpa" loaded (serial 110602)
> Jun 11 22:25:04 server1 named[286]: primary zone
> "0.0.127.in-addr.arpa" loaded (serial 110602)
> Jun 11 22:25:04 server1 named[288]: Ready to answer queries.
> Jun 11 22:25:25 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.33.14.30].53
> 'B.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:26 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.42.93.30].53
> 'G.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:26 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.54.112.30].53
> 'H.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:27 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.26.92.30].53
> 'C.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:28 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.43.172.30].53
> 'I.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:28 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.12.94.30].53
> 'E.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:29 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.35.51.30].53
> 'F.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:29 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.41.162.30].53
> 'L.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:30 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [210.132.100.101].53
> 'J.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:31 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.52.178.30].53
> 'K.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:31 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.5.6.30].53
> 'A.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:31 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.31.80.30].53
> 'D.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
> Jun 11 22:25:32 server1 named[288]: Lame server on
> 'BLACKHOLE-2.IANA.ORG' (in 'IANA.ORG'?): [192.55.83.30].53
> 'M.GTLD-SERVERS.NET': learnt (A=192.112.36.4,NS=198.32.64.12)
>
> Can anyone please tell me what's the relationship between the addition
> of a 2nd. network card, named and all that mess with the root servers,
> as well as a workaround for it?
Well, what address did you give the second NIC? Usually "blackhole" is
associated with (bogus) lookups of private addresses, e.g.
192.168.*.* addresses, in the public Internet DNS. My guess would be you
gave your NIC a private address, and something on your box (which could
be as simple as a "netstat" command) is trying to do reverse-lookups on
that new address, hence indirectly generating all of the log noise.
If you use private addresses and DNS, then you really should define the
relevant reverse zone(s), e.g. 168.192.in-addr.arpa, in order to contain
these reverse-lookups on your own network and prevent "leakage".
- Kevin
More information about the bind-users
mailing list