From owner-freebsd-questions Wed Jan 15 11:53:55 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EAD9937B401 for ; Wed, 15 Jan 2003 11:53:53 -0800 (PST) Received: from voo.doo.net (voo.doo.net [81.17.45.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id 120F143E4A for ; Wed, 15 Jan 2003 11:53:52 -0800 (PST) (envelope-from marc@schneiders.org) Received: from localhost (localhost [127.0.0.1]) by voo.doo.net (8.12.6/8.12.6) with ESMTP id h0FJrYc9073994; Wed, 15 Jan 2003 20:53:35 +0100 (CET) (envelope-from marc@schneiders.org) Date: Wed, 15 Jan 2003 20:53:34 +0100 (CET) From: Marc Schneiders X-X-Sender: To: Dan Nelson Cc: Stacey Roberts , FreeBSD Questions Subject: Re: named messages in /var/log/messages In-Reply-To: <20030115001024.GE42135@dan.emsphone.com> Message-ID: <20030115203653.F73879-100000@voo.doo.net> X-Preferred-email-to: marc@schneiders.org X-Other-email-to: marc@venster.nl X-Organization: Venster (Zeist - NL) X-URL: http://www.bijt.net/ X-SOA: A.ROOT-SERVERS.ORSC. X-OS: FreeBSD: The Power to Serve MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, 14 Jan 2003, at 18:10 [=GMT-0600], Dan Nelson wrote: > In the last episode (Jan 14), Stacey Roberts said: > > > > named[143]: denied update from [host_IP].1268 for "1.168.192.in-addr.arpa" IN > > > > > > Is that host running Windows 2000 or XP? Does it also have > > > "Register this connection's addresses in DNS" checked in (deep > > > > Yes, its a Win2K Pro machine. > You'll get the messages on whatever machine is the primary DNS for your > domain. The checkbox tells W2K to directly update the DNS record for > its IP (usually handed to it by the DHCP server). I prefer the Netware > way, where the DHCP server notifies the DNS server itself, instead of > hoping the client does it right. > > You can safely ignore the message if you want. And what about similar messages, where the update is tried, not on private IP reverse DNS, but on . (the root zone), or some fancy domain I happen(ed) to have running on the server (I remember eightball.net and kickingback.com)? And what if it comes from machines 15 hops away? Examples: Nov 12 12:02:27 [hostname] named[82]: denied update from [12.234.42.233].32776 for "." IN Nov 12 12:18:56 [hostname] named[82]: denied update from [12.234.42.233].32776 for "." IN Nov 12 12:02:27 [hostname] named[82]: denied update from [12.234.42.233].32776 for "." IN Nov 12 12:18:56 [hostname] named[82]: denied update from [12.234.42.233].32776 for "." IN Jan 14 11:23:08 [hostname] named[22121]: client 64.30.161.135#32777: update forwarding denied Jan 14 14:02:15 [hostname] named[22121]: client 194.237.39.97#35558: update forwarding denied Jan 14 14:20:57 [hostname] named[22121]: client 194.237.39.97#35559: update forwarding denied Jan 14 14:23:10 [hostname] named[22121]: client 64.30.161.135#32777: update forwarding denied I changed to Bind 9 somewhere in Autumn, which may explain why I don't get the exact domains anymore in the console messages. I haven't researched that. I am guessing. I do not run reverse DNS for private address space on the box, so the update of these addresses cannot be what it is about, or can it? -- [04] We value you like our close relations. http://logoff.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message