Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 10 Jun 2008 18:45:53 -0400
From:      Steve Bertrand <steve@ibctech.ca>
To:        Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl>
Cc:        freebsd-questions@freebsd.org, Jon Radel <jon@radel.com>
Subject:   Re: OT: lots of IPv6 DNS requests
Message-ID:  <484F0421.5030403@ibctech.ca>
In-Reply-To: <20080611001613.Y13017@wojtek.tensor.gdynia.pl>
References:  <20080610171600.R76827@wojtek.tensor.gdynia.pl>	<484EA302.4070104@radel.com>	<20080611000612.H13017@wojtek.tensor.gdynia.pl>	<484EFBBE.8030502@radel.com> <20080611001613.Y13017@wojtek.tensor.gdynia.pl>
next in thread | previous in thread | raw e-mail | index | archive | help 
Wojciech Puchar wrote:
>>>>
>>>> dns.tensor.gdynia.pl.   10800   IN      AAAA    2001:4070:101::1
>>>>
>>>> or
>>>>
>>>> dns2.tensor.gdynia.pl.  10732   IN      AAAA    2001:4070:101:1::2
>>>
>>>
>>> no it is not! that's why i'm asking.
>>
>> Oh, for heaven's sake.  We all know you like to shoot off your mouth. 
>> Now go back to my mail and read it ALL THE WAY THROUGH BEFORE YOU 
>> ANSWER AGAIN. Jeez.
>>
> so maybe you should explain clearer because i do read what you write.
> 
> my computer isn't 2001:4070:101::1 nor 2001:4070:101:1::2

Do a netstat -na | grep 53. This will help. Something is wrong with your 
setup if you are seeing undesirable results.

A couple of questions... are you using ONLY /64 prefixes? Whether they 
do or not, do:

2001:4070:101:1:: and 2001:4070:101:2::

...share a common physical local link? What flags of Neighbor Discovery 
are enabled on the devices on this link, and what on-link prefixes do 
you see (ndp -i interface, ndp -p)?

This:

Jun 10 17:13:50 wojtek named[909]: client 
2610:130:101:100:214:22ff:fe12:241#60282: query (cache) 
'wojtek.tensor.gdynia.pl/MX/IN' denied

...is someone within the 'Iowa Communications Network' trying to find an 
MX for what appears to be your workstation/mail server, by targeting 
your workstation directly for the DNS lookup.

I don't have time to go research it myself right now, but do you use a 
registrar that provides IPv6 glue? What does your zone file state for NS 
servers? Do you have a rogue NS server on your network that was for 
development that got left on, and could be supplying incorrect results?

It is very difficult to identify where this is broken if you don't 
respond with suggested output.

Steve

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?484F0421.5030403>