Another question regarding messages in syslog
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Fri Oct 15 05:51:58 UTC 1999
You have used query-source to specify port 53 for out going
queries. You also have a interface that named is not
listening to queries on, either via using listen-on or
having an interface come up after named is started. The
later is corrected every interface-interval when running
as root, when running as any other user named will not
attempt/succeed (BIND version dependant) in binding to the
new interface.
The message indicate that named received a query on a
interface it was not listening on. The query-source uses
a wild card local address and gets any queries not directed
at interfaces named is listening on.
Since the address the query came from was on port 53, we
will assume that it is another nameserver making the query.
You need to workout what the query is for, use snoop /
tcpdump. You then need to workout why the other server
thought it could get an answer from this address and correct
the appropriate NS / A records or ensure that named is
listening on the interface.
Mark
>
> A week or so ago, I posted a message regarding unusual
> messages occuring in the syslog from Bind 8.2.1 under
> Solaris 2.6, and I greatly appreciate the assistance.
> Another messages is now appearing that I do not understand,
> and if someone could point me to information on what is
> causing it, I would appreciate it greatly.
>
> <date> <time> <server> named[pid]: refused query on
> non-query socket from [IP address].53
>
> Thank you in advance.
>
> --
> -Albert Croft
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list