[BlueOnyx:10898] Re: named problems on 5106R
Gerald Waugh
gwaugh at frontstreetnetworks.com
Thu Jun 28 10:52:35 -05 2012
On 06/28/2012 08:07 AM, Gerald Waugh wrote:
> Named is filling the log files with errors from ipv6 request
>
>
> named[25860]: network unreachable resolving 'sns.dialtelecom.cz/A/IN':
> 2001:628:453:420::48#53
> named[25860]: network unreachable resolving
> 'names.dialtelecom.cz/A/IN': 2001:628:453:420::48#53
>
> The other thing is that we have hundreds of dns request attempts from
> European IP's
> We have this server setup as;
>
> options {
> directory "/var/named";
> // spoof version for a little more security via obscurity
> version "100.100.100";
> // no forwarders defined
> allow-transfer { 1.2.3.4; };
> allow-recursion { 1.2.3.0/24; };
> // recursion allowed
> };
> allow transfer is the secondary dns server
> allow recursion is the home network
>
> /etc/sysconfig/network
> NETWORKING_IPV6=n
Blocked most of the European country IPs using the pfsense firewall
"Country Block" add-on,
and thing have quieted down.
Gerald
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20120628/db1bdef5/attachment.html>
More information about the Blueonyx
mailing list