Denied recursive query messages from named

Danny Mayer mayer at gis.net
Sun Jan 7 03:47:52 UTC 2001 

         BIND 8.2.3 is not yet released.  What is available is still Beta.
    Maybe you should contact Process Software.

                 Danny
At 09:22 AM 1/6/01, Damon Brownd wrote:

>No, I didn't build it.  BIND 8.2.3 is included in Multinet for OpenVMS
>V4.3 from Process Software.  Their web site is at http://www.process.com.
>
>
>"Danny Mayer" <mayer at gis.net> wrote in message
>news:<930qjl$fbh at pub3.rc.vix.com>...
> >
> >          It took me a while to realise this, but this is from the operator
>log
> >    on a VMS System.  Did you build BIND 8.2.3 on VMS?
> >
> >                  Danny
> >
> > At 08:31 PM 1/3/01, Kevin Darcy wrote:
> >
> > >The only thing I can think of is a crappy DNS implementation that gets
>confused
> > >about delegations when following CNAMEs to PTRs, with the result that it
>thinks
> > >your servers are authoritative for 100.80.190.208.in-addr.arpa.
> > >
> > >One way to deal with this is just to go with the flow: set yourself up as
>a
> > >slave for 100.80.190.208.in-addr.arpa. This won't stop the queries, but
>it
> > >should stop the log messages, since in that case there won't be any
>recursion
> > >necessary (and therefore none to deny). As an additional benefit, being a
>slave
> > >for the zone will enable you to reverse-resolve your own addresses even
>if you
> > >lose connectivity to the Internet.
> > >
> > >
> > >- Kevin
> > >
> > >Damon Brownd wrote:
> > >
> > > > Our ISP recently delegated our in-addr.arpa subdomain for our /27
>address
> > > > block to our name server as specified in RFC 2317.  Since then, I've
>been
> > > > getting bursts of messages like the following at semi-regular
>intervals.
> > > > They tend to be from the same IP addresses but the addresses do change
>over
> > > > time.  The thing that got my attention is that requests come from so
>many
> > > > different IP numbers within a second or two with pauses of an hour or
>more
> > > > between bursts.  Our name server is currently configured to allow
>recursive
> > > > queries from internal addresses and reject them from elsewhere.  The
>name
> > > > server is BIND 8.2.3.
> > > >
> > > > Are these messages safe to ignore or do they indicate a problem I need
>to do
> > > > something about?
> > > >
> > > > %%%%%%%%%%%  OPCOM   3-JAN-2001 10:20:03.43  %%%%%%%%%%%
> > > > Message from user SYSTEM on IRIS
> > > > named: denied recursion for query from [216.52.85.194].3409 for
> > > > 100.80.190.208.in-addr.arpa
> > > >
> > > > %%%%%%%%%%%  OPCOM   3-JAN-2001 10:20:03.81  %%%%%%%%%%%
> > > > Message from user SYSTEM on IRIS
> > > > named: denied recursion for query from [216.52.125.38].8857 for
> > > > 100.80.190.208.in-addr.arpa
> > > >
> > > > %%%%%%%%%%%  OPCOM   3-JAN-2001 10:20:03.81  %%%%%%%%%%%
> > > > Message from user SYSTEM on IRIS
> > > > named: denied recursion for query from [64.94.206.66].1428 for
> > > > 100.80.190.208.in-addr.arpa
> > > >
> > > > %%%%%%%%%%%  OPCOM   3-JAN-2001 10:20:03.84  %%%%%%%%%%%
> > > > Message from user SYSTEM on IRIS
> > > > named: denied recursion for query from [216.52.153.130].3591 for
> > > > 100.80.190.208.in-addr.arpa
> > > >
> > > > %%%%%%%%%%%  OPCOM   3-JAN-2001 10:20:03.85  %%%%%%%%%%%
> > > > Message from user SYSTEM on IRIS
> > > > named: denied recursion for query from [216.52.44.194].1066 for
> > > > 100.80.190.208.in-addr.arpa
> > > >
> > > > %%%%%%%%%%%  OPCOM   3-JAN-2001 10:20:03.86  %%%%%%%%%%%
> > > > Message from user SYSTEM on IRIS
> > > > named: denied recursion for query from [64.94.163.226].3319 for
> > > > 100.80.190.208.in-addr.arpa
> > > >
> > > > %%%%%%%%%%%  OPCOM   3-JAN-2001 10:20:03.88  %%%%%%%%%%%
> > > > Message from user SYSTEM on IRIS
> > > > named: denied recursion for query from [63.251.235.226].2051 for
> > > > 100.80.190.208.in-addr.arpa
> > >
> > >
> > >
> >
> >
> >
> >
> >
>

More information about the bind-users mailing list