[BlueOnyx:10905] Re: named problems on 5106R
Gerald Waugh
gwaugh at frontstreetnetworks.com
Thu Jun 28 13:23:44 -05 2012
I did note that ipv6 world launch day was Jun 8
http://www.worldipv6launch.org/
On 06/28/2012 10:52 AM, Gerald Waugh wrote:
> On 06/28/2012 08:07 AM, Gerald Waugh wrote:
>> Named is filling the log files with errors from ipv6 request
>>
>>
>> named[25860]: network unreachable resolving
>> 'sns.dialtelecom.cz/A/IN': 2001:628:453:420::48#53
>> named[25860]: network unreachable resolving
>> 'names.dialtelecom.cz/A/IN': 2001:628:453:420::48#53
>>
>> The other thing is that we have hundreds of dns request attempts from
>> European IP's
>> We have this server setup as;
>>
>> options {
>> directory "/var/named";
>> // spoof version for a little more security via obscurity
>> version "100.100.100";
>> // no forwarders defined
>> allow-transfer { 1.2.3.4; };
>> allow-recursion { 1.2.3.0/24; };
>> // recursion allowed
>> };
>> allow transfer is the secondary dns server
>> allow recursion is the home network
>>
>> /etc/sysconfig/network
>> NETWORKING_IPV6=n
>
> Blocked most of the European country IPs using the pfsense firewall
> "Country Block" add-on,
> and thing have quieted down.
>
> Gerald
--
Gerald Waugh
Front Street Networks - RaQware
4604 Fern Ave
Shreveport, LA 71105
PH: +1 318-734-4779
CL: +1 318-401-0428
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20120628/89c7332d/attachment.html>
More information about the Blueonyx
mailing list