greetings,

Linux ns2.arlut.utexas.edu 2.6.18-194.26.1.el5 #1 SMP Fri Oct 29 14:21:16 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
bind-9.3.6-4.P1.el5_5.3

(i'm not crazy about running that version of bind, but the choice isn't entirely mine.)

this has to be an old question, but when i search for it i get nothing but false leads. for example, i get a lot of search results about DOS attacks. this isn't a DOS attack.

i get, and have always gotten, billions of these messages.

    Jan 2 07:37:43 ns2 named[3028]: client 10.4.1.6#33823: view internal: error sending response: host unreachable

the story is that these are the results of attempted zone transfers. i don't know enough to say one way or the other. so that's FWIW.

however, AXFRs of the internal view (ah, yes... "view internal" i presume has to do w/ named.conf's view named "internal".) are not allowed. the outside/external transfer list doesn't include 10.4.1.6.

hmmm. i guess i don't know what that msg means. is that just a client on the "internal view" asking for an ordinary dns lookup?

i DO have a firewall running on here. i CAN ping 10.4.1.6. i CAN telnet 10.4.1.6 53 and get a response. but if those attempts to connect are on other than port 53 i don't know what port to use instead.

i'm assuming that my firewall could be blocking things. i'm also assuming (wrong?) that if i can ping "to" 10.4.1.6 that the ping "from" would work. anyway, i just checked that, and for the two tests listed here, it works. would that hold true for other ports?

i'd rather not, if i can avoid it, post my configurations in detail. these people are getting kinda hyper about security. i guess i could ask them.

the system is running. but (1) i'd like to clean up the log file -- ie, stop getting these messages, and (2) i'm hoping that by resolving this i'll learn something along the way that will help.

thanks in advance.

j.

_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users