Persuading BIND 8.2 not to endlessly cause dial-ups

Tue Jun 22 09:57:30 UTC 1999

>>>>> "Doug" == Doug Palmer <dougal at acm.org> writes:

    Doug> I'm running a private network which connects, via and
    Doug> on-demand dial-up to the Internet via a Sun sparc running
    Doug> Solaris.

    Doug> Every hour to hour and a half, or so, my logs indicate that
    Doug> there is a query for what would appear to be every address
    Doug> that has ever been handled by the server, even ones several
    Doug> days old. Fiddling with the heatbeat, etc. parameters seems
    Doug> to make no difference. I've slowly eliminated every
    Doug> non-essential daemon I can find, to see if there is
    Doug> something constantly making requests.

Have you turned on the name server's query logging to see where those
requests come from? Maybe there's something elsewhere on your net
that's making queries to your name server which then has to bring up
the dial-up link to resolve them?

    Doug> I'm unwilling to use my ISPs DNS servers, as I use DNS for
    Doug> the various machines on my private network.

    Doug> I'm using the following options:

    Doug> options {
    Doug>	 directory "/var/named";
    Doug>	 forwarders {
    Doug>		203.30.77.150;
    Doug>		203.30.77.33;
    Doug>		203.8.183.1;
    Doug>	};
    Doug>	forward first;
    Doug>	dialup yes;
    Doug>	heartbeat-interval 1440;
    Doug>	cleaning-interval 60;
    Doug>	interface-interval 0;
    Doug>	statistics-interval 1440;
    Doug>	listen-on {
    Doug>		127.0.0.1;
    Doug>		10.19.13.1;
    Doug>	};
    Doug> };

    Doug> Does anybody have any insight to offer me on what is going
    Doug> on? Pointing out an obvious and stupid mistake would be
    Doug> wonderful, of course.

Well, the options{} statement you supplied seems to conflict with what
you said. [You might be unwilling to use your ISP's name servers, but
it looks as though you blindly forward every query to them.] This name
server will forward any queries it can't answer to the name servers at
203.30.77.150, 203.30.77.33 and 203.8.183.1. (Your ISP?) Presumably
this brings up the dial-up link?

Enabling query logging might help to identify the source of these
queries that bring up the link. Your name server might have to make
queries on its on behalf - checking the SOA records of any zones it
slaves for instance - and those will bring up the link too. You have
to accept that your name server needs to make external queries
from time to time and thse will bring up the link. (And what if
someone/something at the ISP is querying your name server?)