Bind: heavy cpu load
Victor Escudero - Sun Spain - Technical Support Engineer
victor.escudero at sun.com
Thu Feb 12 16:47:29 UTC 2004
Hi gurus,
We have just detected a lot of errors in our DNS servers with traces similar to:
12-Feb-2004 13:05:39.886 response-checks: info: bad referral
(xxx.yyy.zzz.in-addr.arpa !< uuu.xxx.yyy.zzz.in-addr.arpa) from [aaa.bbb.ccc.ddd].53
besides we have seen some wrong answers messages:
12-Feb-2004 13:01:34.448 response-checks: info: wrong ans. name (domain.com !=
server.domain.com)
The overall effect is that our in.named process is consuming a lot of cpu cycles
trying to resolve some IPs that really don't exist.
Until now everything was OK, so we suspect this is could be a virus attack or
similar.
Does anybody ever seen something like that before?
kind regards,
Vic.
PS: Please answer me directly, as I am not subscribed to this newsgroup.
More information about the bind-users
mailing list