From owner-freebsd-questions Tue Jan 14 16: 0:32 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DE4A137B401 for ; Tue, 14 Jan 2003 16:00:30 -0800 (PST) Received: from shockwave.systems.pipex.net (shockwave.systems.pipex.net [62.241.160.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id 52A2D43F3F for ; Tue, 14 Jan 2003 16:00:30 -0800 (PST) (envelope-from stacey@vickiandstacey.com) Received: from [192.168.1.8] (81-86-129-77.dsl.pipex.com [81.86.129.77]) by shockwave.systems.pipex.net (Postfix) with ESMTP id B64D51600B5BE; Wed, 15 Jan 2003 00:00:28 +0000 (GMT) Subject: Re: named messages in /var/log/messages From: Stacey Roberts Reply-To: stacey@vickiandstacey.com To: Matthew Seaman Cc: FreeBSD Questions In-Reply-To: <20030114235015.GB22937@happy-idiot-talk.infracaninophi> References: <1042586630.51041.360.camel@localhost> <20030114235015.GB22937@happy-idiot-talk.infracaninophi> Content-Type: text/plain Organization: Message-Id: <1042588833.51041.381.camel@localhost> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.0 Date: 15 Jan 2003 00:00:34 +0000 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi Matthew On Tue, 2003-01-14 at 23:50, Matthew Seaman wrote: > On Tue, Jan 14, 2003 at 11:23:51PM +0000, Stacey Roberts wrote: > > Hello, > > I'm running bind in a sandbox as per the handbook. I've had this > > set up and (presumably) working okay since FreeBSD 4.6 Stable, and have > > today noticed these named entries in /var/log/messages: > > > > named[143]: denied update from [host_IP].1268 for > > "1.168.192.in-addr.arpa" IN > > Are you running a DHCP server? On Windows 2K? There *is* a Win2K Pro box on the network here, no DHCP Server running, though. > > This is a host trying to insert a dynamic PTR record into your DNS. > That is usually a function of a DHCP server, and can be configured if > desired. If you haven't configured dynamic DNS, then it's harmless > apart from taking up space in your log files. > > W2K is notable for shipping with the dynamic DNS stuff turned on. > It's not just you: seems a lot of W2K machines try to update records > in the root servers too... Search for 'Syslog Errors' in > http://www.caida.org/outreach/presentations/ietf0112/dns.damage.html > for the depressing statistics. > Okay, I've managed to track this down. VPN testing is was being done at the time from that Win2K box to a remote site running RRAS VPN Server on Win2K Server. Seems that RRAS dynamically assigns IP's from a static table of addresses to incoming connections over the VPN. And as the VPN emanates from the same subnet locally, my DNS server was seeing that traffic. At least that's what it would appear to be happening, given your suggestions. Let me know if I have this right, okay? Thanks again for the information! Regards, Stacey > Cheers, > > Matthew -- Stacey Roberts B.Sc (HONS) Computer Science Web: www.vickiandstacey.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message