Apple OS and DNS resolution (._dns-sd.udp. requests)
Chuck Swiger
cswiger at mac.com
Thu Apr 5 15:48:53 UTC 2012
On 4/5/2012 5:08 AM, Matus UHLAR - fantomas wrote:
> Hello,
>
> our customer (an ISP) reported that his clients have problems resolving sites
> like facebook, youtube, aplestores and that the problems only affect apple
> computers.
>
> I notice many requests for dns service discovery:
>
> Apr 5 09:47:20 t03 named[8324]: security: info: client 195.168.157.82#32844:
> query 'cf._dns-sd._udp.132.110.254.10.in-addr.arpa/TXT/IN' denied
> Apr 5 09:47:20 t03 named[8324]: security: info: client 195.168.157.82#49019:
> query 'cf._dns-sd._udp.132.110.254.10.in-addr.arpa/TXT/IN' denied
> Apr 5 09:47:20 t03 named[8324]: security: info: client 195.168.157.82#35647:
> query 'cf._dns-sd._udp.132.110.254.10.in-addr.arpa/TXT/IN' denied
>
> these requests are denied, because we use private IPS from those ranges and I
> don't want to make them available for users.
>
> Can these requests cause resolving problems on Apple computers?
Those are RFC-2792 service discovery requests, used by Bonjour-- see:
http://www.dns-sd.org/
Denying them won't affect normal DNS resolution, although setting up
appropriate answers will help Mac (and Windows) clients find resources like
printers, proxy servers, and so forth appropriate for the domain they live in.
Regards,
--
-Chuck
More information about the bind-users
mailing list