UDP Port 53 Log In Vain Messages
Ok, what causes the following events to ocurr and what do I do to fix whatever is wrong? _MY_MACHINE_ is my machine _ISP_NAMESERVER_01_ and _ISP_NAMESERVER_02_ are my ISP's nameservers I am running named. What additional information is needed? (if any) What do I look at? Unusual System Events =-=-=-=-=-=-=-=-=-=-= Oct 9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550 from _ISP_NAMESERVER_02_:53 Oct 9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3597 Oct 9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551 from _ISP_NAMESERVER_01_:53 Oct 9 09:01:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3553 from _ISP_NAMESERVER_02_:53 Oct 9 09:01:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3554 from _ISP_NAMESERVER_01_:53 Oct 9 09:01:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3611 Oct 9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548 from _LOCALHOST_:53 Oct 9 09:01:26 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3556 from _ISP_NAMESERVER_02_:53 Oct 9 09:01:32 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3557 from _ISP_NAMESERVER_01_:53 Oct 9 09:01:39 hq /kernel: Connection attempt to UDP _LOCALHOST_:3552 from _LOCALHOST_:53 Oct 9 09:01:48 hq /kernel: Connection attempt to UDP _LOCALHOST_:3555 from _LOCALHOST_:53 Oct 9 09:01:51 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3586 from _ISP_NAMESERVER_02_:53 Oct 9 09:02:04 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3598 from _ISP_NAMESERVER_01_:53 Oct 9 09:02:06 hq /kernel: Connection attempt to UDP _LOCALHOST_:3561 from _LOCALHOST_:53 Oct 9 09:02:33 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3629 Oct 9 09:03:15 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3645 Oct 9 09:12:21 hq /kernel: Connection attempt to UDP _MY_MACHINE_:4666 from 194.221.87.35:4665 Oct 9 09:12:40 hq /kernel: Connection attempt to UDP _MY_MACHINE_:4666 from 80.130.178.49:4666 Oct 9 09:15:55 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3680 Oct 9 09:16:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3653 from _ISP_NAMESERVER_02_:53 Oct 9 09:16:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3654 from _ISP_NAMESERVER_01_:53 Oct 9 09:16:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3656 from _ISP_NAMESERVER_02_:53 Oct 9 09:16:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3657 from _ISP_NAMESERVER_01_:53 Oct 9 09:16:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3694 Oct 9 09:16:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3652 from _LOCALHOST_:53 Oct 9 09:16:26 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3659 from _ISP_NAMESERVER_02_:53 Oct 9 09:16:32 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3660 from _ISP_NAMESERVER_01_:53 Oct 9 09:16:39 hq /kernel: Connection attempt to UDP _LOCALHOST_:3655 from _LOCALHOST_:53 Oct 9 09:16:48 hq /kernel: Connection attempt to UDP _LOCALHOST_:3658 from _LOCALHOST_:53 Oct 9 09:16:51 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3671 from _ISP_NAMESERVER_02_:53 Oct 9 09:17:04 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3681 from _ISP_NAMESERVER_01_:53 Oct 9 09:17:06 hq /kernel: Connection attempt to UDP _LOCALHOST_:3664 from _LOCALHOST_:53 Oct 9 09:23:49 hq /kernel: Connection attempt to UDP _MY_MACHINE_:4668 from 217.127.164.189:2677 Oct 9 09:28:30 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3714 Oct 9 09:31:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3720 from _ISP_NAMESERVER_02_:53 Oct 9 09:31:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3721 from _ISP_NAMESERVER_01_:53 Oct 9 09:31:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3723 from _ISP_NAMESERVER_02_:53 Oct 9 09:31:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3724 from _ISP_NAMESERVER_01_:53 Oct 9 09:31:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3743 Oct 9 09:31:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3715 from _LOCALHOST_:53 Oct 9 09:31:26 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3726 from _ISP_NAMESERVER_02_:53 Oct 9 09:31:28 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3755 Oct 9 09:31:32 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3727 from _ISP_NAMESERVER_01_:53 Oct 9 09:31:39 hq /kernel: Connection attempt to UDP _LOCALHOST_:3722 from _LOCALHOST_:53 Oct 9 09:31:48 hq /kernel: Connection attempt to UDP _LOCALHOST_:3725 from _LOCALHOST_:53 Oct 9 09:31:51 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3729 from _ISP_NAMESERVER_02_:53 Oct 9 09:32:04 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3730 from _ISP_NAMESERVER_01_:53 Oct 9 09:32:06 hq /kernel: Connection attempt to UDP _LOCALHOST_:3728 from _LOCALHOST_:53 Oct 9 09:46:01 hq
Re: UDP Port 53 Log In Vain Messages
Any settings I can change to reduce the number of timeouts? Ceri Davies wrote: On Wed, Oct 09, 2002 at 01:21:25PM -0400, Wolfieee wrote: Ok, what causes the following events to ocurr and what do I do to fix whatever is wrong? DNS lookups timing out. Ceri To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: UDP Port 53 Log In Vain Messages
# [EMAIL PROTECTED] / 2002-10-09 13:21:25 -0400: Ok, what causes the following events to ocurr and what do I do to fix whatever is wrong? _MY_MACHINE_ is my machine _ISP_NAMESERVER_01_ and _ISP_NAMESERVER_02_ are my ISP's nameservers I am running named. What additional information is needed? (if any) What do I look at? Unusual System Events =-=-=-=-=-=-=-=-=-=-= Oct 9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550 from _ISP_NAMESERVER_02_:53 Oct 9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3597 Oct 9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551 from _ISP_NAMESERVER_01_:53 Oct 9 09:01:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3553 from _ISP_NAMESERVER_02_:53 Oct 9 09:01:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3554 from _ISP_NAMESERVER_01_:53 Oct 9 09:01:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3611 Oct 9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548 from _LOCALHOST_:53 this means that you have a firewall that blocks incoming udp on port 53 on both the loopback and your nic. specifically, the blocked packets are replies to your dns queries. fix your firewall ruleset. the rule from my ipf ruleset: pass out quick on $if proto tcp/udp from $ip to any port = 53 keep state that keep state is what allows the responses back in. -- begin 666 nonexistent.vbs FreeBSD 4.7-RC 7:48PM up 22 days, 3:03, 18 users, load averages: 0.43, 0.26, 0.15 end To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: UDP Port 53 Log In Vain Messages
On Wed, Oct 09, 2002 at 02:21:50PM -0400, wolf wrote: Date: Wed, 09 Oct 2002 14:21:50 -0400 From: wolf [EMAIL PROTECTED] To: Roman Neuhauser [EMAIL PROTECTED] Cc: Wolfieee [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: UDP Port 53 Log In Vain Messages I don't think the firewall is to blame. I think so. If there is a firewall that blocks dns replies then they never go through firewall. My explanation is that dns send query to external dns but after some time period hi doesn't get answer (because external dns is very busy) and close socket, so when answer arrive there isn't opened socket. If you have a lot of name resolving errors my suggestion is to remove you isp dns servers as forwarders. 00050 60949435 31435808176 divert 8668 ip from any to any via rl0 0010071631099071516 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 120754392 61388414174 allow ip from any to any 65535 81016 deny ip from any to any Roman Neuhauser wrote: # [EMAIL PROTECTED] / 2002-10-09 13:21:25 -0400: Ok, what causes the following events to ocurr and what do I do to fix whatever is wrong? _MY_MACHINE_ is my machine _ISP_NAMESERVER_01_ and _ISP_NAMESERVER_02_ are my ISP's nameservers I am running named. What additional information is needed? (if any) What do I look at? Unusual System Events =-=-=-=-=-=-=-=-=-=-= Oct 9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550 from _ISP_NAMESERVER_02_:53 Oct 9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3597 Oct 9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551 from _ISP_NAMESERVER_01_:53 Oct 9 09:01:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3553 from _ISP_NAMESERVER_02_:53 Oct 9 09:01:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3554 from _ISP_NAMESERVER_01_:53 Oct 9 09:01:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3611 Oct 9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548 from _LOCALHOST_:53 this means that you have a firewall that blocks incoming udp on port 53 on both the loopback and your nic. specifically, the blocked packets are replies to your dns queries. fix your firewall ruleset. the rule from my ipf ruleset: pass out quick on $if proto tcp/udp from $ip to any port = 53 keep state that keep state is what allows the responses back in. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
