8.2.3 server flooding root servers

Stephane ANGLARET sanglaret at yahoo.com
Mon Nov 12 18:28:20 UTC 2001 

I have a DNS server with a problem. It is running Bind
8.2.3. I am running in a chrooted environment. The
server is configured to prohibit recursive requests.

It constantly queries the root servers with questions
about the root servers. Here is an example network
capture:
    dns1 -> 202.12.27.33 DNS C M.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C L.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C K.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C J.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C I.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C H.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C G.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C F.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C E.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C D.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C C.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C B.ROOT-SERVERS.NET.
Internet Addr ?
    dns1 -> 202.12.27.33 DNS C A.ROOT-SERVERS.NET.
Internet Addr ?

My secondary DNS is running almost the same
configuration, but it has no problems.

Here is the named.conf for the primary. I have made a
few changes to avoid telling you more about myself
than you really need to know.:

logging {
        channel default_log_file {
          file "/var/log/default_named.log" versions
99 size unlimited;
          severity debug 1;
          print-category yes;
          print-severity yes;
          print-time     yes;
          };
        category default { default_log_file; };
        };

options {
        directory "/var/named";
        allow-transfer {
		1.1.1.1 /* ISP DNS */
		1.1.1.2 /* ISP Backup DNS *?
        };
        recursion no;
        version "0000";
        notify yes;
        also-notify { 1.1.1.2;};
        pid-file "/var/run/named.pid";
};

zone "." {
        type hint;
        file "root.cache";
};

zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "db.localhost";
};

zone "example.com" {
        type master;
        file "db.example.com";
};

(More zones follow, but no more configuration options)

If you have ever seen a similar problem, or have any
idea what is going on please let me know.

___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Courrier : http://courrier.yahoo.fr

More information about the bind-users mailing list