IPv6 DNS requests? should we even be seeing these?
Simon Waters
Simon at wretched.demon.co.uk
Sun Sep 22 22:41:30 UTC 2002
DigitalVinyl wrote:
>
> We are receiving a variety of constant requests for mostly
> non-existent names to our DNS servers. I noticed that six server
> currently sending us constant requests are requesting AAAA records.
> This is a DNS query for an IPv6 host. Should these ever be seen on a
> IPv4 Internet?
Bits of the Internet are running IPv6 and probably leak a few
queries, but most of it is probably junk.
A common one is "openssh" which was shipped with IPv6 support
the default by a wellknown Linux vendor, so it would send IPv6
queries first.
> Secondly, even the name that does exist is refused by our DNS servers.
> I am guessing that is because we aren't resolving to an IPv6.
If I ask for AAAA, and it doesn't exists, that is an NXDOMAIN,
and cached.
If you are "refusing" to answer for some reason, then don't be
surprised if they ask again!
> Is this normal or are these DNS servers misconfigured?
Can't tell - more information needed.
Where are the refused queries coming from, and what bit of
named.conf is leading to them being refused?
More information about the bind-users
mailing list