avoiding inverse mappings

Jim Reid jim at rfc1035.com
Fri Apr 13 18:33:09 UTC 2001 

>>>>> "Alex" == Alex  <alex at lan.de> writes:

    Alex> Hello, I'm running bind 9.0.1 on a linux box which handles
    Alex> some requests in my lan and forwards them to some proper
    Alex> dns-servers if it can't answer them. I'm also using a
    Alex> dial-on-demand script creating a ppp0 device with an
    Alex> temporary IP adress which is replaced by a real one as soon
    Alex> as an internet connection is established.

    Alex> This configuration works quite well, but has a great
    Alex> disadvantage: The name-daemon decides from time to time to
    Alex> do an inverse mapping for the temporary IP adress of my
    Alex> virtual ppp0 device. As it etablishes a connection each time
    Alex> this happens, it gets quite expensive and annoying.

    Alex> So, my question is: How can I prevent the name-daemon from
    Alex> doing inverse mappings for every IP address it encounters?

Stop whatever application that is making those lookups from making
them. A name server doesn't really lookup anything for itself. It
won't do any lookups unless something sends it queries. [Well it'll
send SOA queries for any zones it slaves obviously and get the current
list of root servers when it first starts.] You might be better to run
a real name server and stop forwarding queries to another server.
Perhaps the query forwarding is needlessly bringing up the PPP link?
Maybe your local server could be configured as a slave for whatever
zone(s) are being looked up? Forwarding name servers are generally a
Bad Idea.

    Alex> If the name-daemon is not responsible for that, what program
    Alex> might be?

No idea. What applications on your system might care about the name(s)
attached to your PPP link? Try turning on query logging. Maybe you'll
find the lookups happen at a particular time? For instance, a script
run from cron or every (hourly?) sweep of your mail queue, etc, etc...
Maybe the queries are for something else and not reverse lookups?

BTW, you should upgrade to 9.1.1. There are some threading bugs in
BIND 9.0.

More information about the bind-users mailing list