Unexpected behaviour from the B root servers? Am I setup wrong?
Stephen John Smoogen
smooge at gmail.com
Sun Feb 25 19:49:44 UTC 2007
I am only seeing this with the B systems at the moment.. and I am
trying to figure out how I should 'fix' my firewall or backbone DNS
server to deal with it.
Our campus DNS servers will 'proxy' a request to the backbone DNS
servers and when it talks to the B servers, we get requests back from
different IP address from what we sent to (thus our firewall drops it
as a bad session).
129.24.8.1.32768 > 192.228.79.201.domain
192.228.79.200.domain > 129.24.8.1.32768
192.228.79.202.domain > 129.24.8.1.32768
192.228.79.201.domain > 129.24.8.1.32768
This really picked up on Saturday when pretty much every send to the
192.228.79.201 server got 1 to 2 other returns from b1.ip4.int,
b2.ip4.int etc.
The only other servers that the firewall seems to be dropping are some
'questionable' ones in Romania that showed up over the weekend.
--
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
More information about the bind-users
mailing list