On Apr 24, 2014, at 10:28 , Chuck Anderson <[email protected]> wrote: > Has anyone seen bunches of machines on their network attempting to do > DDNS updates to ns3.apnic.net for addresses in the 6to4 2002::/16 > block 2.0.0.2.ip6.arpa zone? Should I be concerned?
ns3.apnic.net is the reverse DNS PTR for the actual MNAME of the 2.0.0.2.ip6.arpa zone. % dig +short IN SOA 2.0.0.2.ip6.arpa. ns-apnic.6to4.nro.net. dns-admin.apnic.net. 2004083706 7200 1800 604800 172800 % dig +short IN A ns-apnic.6to4.nro.net. 202.12.28.131 % dig +short IN PTR 131.28.12.202.in-addr.arpa. ns3.apnic.net. Do you have a 6to4 gateway in operation? If there are misconfigured dhcp clients in your network, and you’re using addresses somewhere in 2002::/16 then it’s reasonable that you’d be seeing that traffic. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
