On 4/5/2012 5:08 AM, Matus UHLAR - fantomas wrote:
Hello,
our customer (an ISP) reported that his clients have problems resolving sites
like facebook, youtube, aplestores and that the problems only affect apple
computers.
I notice many requests for dns service discovery:
Apr 5 09:47:20 t03 named[8324]: security: info: client 195.168.157.82#32844:
query 'cf._dns-sd._udp.132.110.254.10.in-addr.arpa/TXT/IN' denied
Apr 5 09:47:20 t03 named[8324]: security: info: client 195.168.157.82#49019:
query 'cf._dns-sd._udp.132.110.254.10.in-addr.arpa/TXT/IN' denied
Apr 5 09:47:20 t03 named[8324]: security: info: client 195.168.157.82#35647:
query 'cf._dns-sd._udp.132.110.254.10.in-addr.arpa/TXT/IN' denied
these requests are denied, because we use private IPS from those ranges and I
don't want to make them available for users.
Can these requests cause resolving problems on Apple computers?
Those are RFC-2792 service discovery requests, used by Bonjour-- see:
http://www.dns-sd.org/
Denying them won't affect normal DNS resolution, although setting up
appropriate answers will help Mac (and Windows) clients find resources like
printers, proxy servers, and so forth appropriate for the domain they live in.
Regards,
--
-Chuck
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users