On Thu, Apr 24, 2014 at 02:55:56PM -0400, Matthew Pounsett wrote: > > On Apr 24, 2014, at 10:28 , Chuck Anderson <[email protected]> wrote: > > > Has anyone seen bunches of machines on their network attempting to do > > DDNS updates to ns3.apnic.net for addresses in the 6to4 2002::/16 > > block 2.0.0.2.ip6.arpa zone? Should I be concerned? > > ns3.apnic.net is the reverse DNS PTR for the actual MNAME of the > 2.0.0.2.ip6.arpa zone. > > % dig +short IN SOA 2.0.0.2.ip6.arpa. > ns-apnic.6to4.nro.net. dns-admin.apnic.net. 2004083706 7200 1800 604800 172800 > % dig +short IN A ns-apnic.6to4.nro.net. > 202.12.28.131 > % dig +short IN PTR 131.28.12.202.in-addr.arpa. > ns3.apnic.net. > > Do you have a 6to4 gateway in operation? If there are misconfigured dhcp > clients in your network, and you’re using addresses somewhere in 2002::/16 > then it’s reasonable that you’d be seeing that traffic.
I do not have any 6to4 gateways. In fact I block all 6to4 traffic at my border. There are probably a whole bunch of Windows boxes defaulting to auto-configured 6to4 tunnels. Do you know of a way via DHCP to tell the clients to not use 6to4? Thanks. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
