Thanks, I think that's what I was looking for. I expect the ISP is in
another country somewhere and would be hard to reach, if they could be
reached at all. And it's probably a bad reference somewhere to the
server here, so shutting of recursive queries could help... If I shut
named off for
Steve Suhre wrote:
Thanks, I think that's what I was looking for. I expect the ISP is in
another country somewhere and would be hard to reach, if they could be
reached at all. And it's probably a bad reference somewhere to the
server here, so shutting of recursive queries could help... If I
Then complain to their isp.
That has solved most problems for me, and in any case it'll stop or
you know it's your problem and not theirs.
If you can query your domain by switching your default nameservers to
your machine's default NS, and not see any debug messages, you should
be fine and
Ugh...it's always something
The T1 here is getting blasted by named requests, any suggestions would
be appreciated... I turned on debugging and got the following, lots of
them...so many that we're getting 30-50% packet loss across the T1:
16-Jan-2006 18:01:35.795 client @0x87d4800:
Ugh...it's always something
The T1 here is getting blasted by named requests, any suggestions would
be appreciated... I turned on debugging and got the following, lots of
them...so many that we're getting 30-50% packet loss across the T1:
16-Jan-2006 18:01:35.795 client @0x87d4800:
Looks like someone is spamming your DNS server with queries.
Two questions:
1) Is v.tn.co.za a domain that you are authorative for?
2) Are you an ISP and/or is client 64.18.133.103 authorized to use your DNS
server?
If the answer to 1) is NO, then there's no reason for these queries to be
Thanks Matt,
The answer to both is no. The domain doesn't resolve either
(v.tn.co.za). It looks like the source IP changes too...sigh I tried
a whois on the source IP and it was not found, so it may be spoofed? Or
someone has a very messed up server...
There was a thread on bugtraq
7 matches
Mail list logo
