avoiding inverse mappings
Jim Reid
jim at rfc1035.com
Fri Apr 13 18:33:09 UTC 2001
>>>>> "Alex" == Alex <alex at lan.de> writes:
Alex> Hello, I'm running bind 9.0.1 on a linux box which handles
Alex> some requests in my lan and forwards them to some proper
Alex> dns-servers if it can't answer them. I'm also using a
Alex> dial-on-demand script creating a ppp0 device with an
Alex> temporary IP adress which is replaced by a real one as soon
Alex> as an internet connection is established.
Alex> This configuration works quite well, but has a great
Alex> disadvantage: The name-daemon decides from time to time to
Alex> do an inverse mapping for the temporary IP adress of my
Alex> virtual ppp0 device. As it etablishes a connection each time
Alex> this happens, it gets quite expensive and annoying.
Alex> So, my question is: How can I prevent the name-daemon from
Alex> doing inverse mappings for every IP address it encounters?
Stop whatever application that is making those lookups from making
them. A name server doesn't really lookup anything for itself. It
won't do any lookups unless something sends it queries. [Well it'll
send SOA queries for any zones it slaves obviously and get the current
list of root servers when it first starts.] You might be better to run
a real name server and stop forwarding queries to another server.
Perhaps the query forwarding is needlessly bringing up the PPP link?
Maybe your local server could be configured as a slave for whatever
zone(s) are being looked up? Forwarding name servers are generally a
Bad Idea.
Alex> If the name-daemon is not responsible for that, what program
Alex> might be?
No idea. What applications on your system might care about the name(s)
attached to your PPP link? Try turning on query logging. Maybe you'll
find the lookups happen at a particular time? For instance, a script
run from cron or every (hourly?) sweep of your mail queue, etc, etc...
Maybe the queries are for something else and not reverse lookups?
BTW, you should upgrade to 9.1.1. There are some threading bugs in
BIND 9.0.
More information about the bind-users
mailing list