Outgoing DNS requests

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Mon May 17 18:10:12 UTC 2004


Barry Margolin <barmar at alum.mit.edu> wrote:
> In article <c8ahuc$1kcb$1 at sf1.isc.org>,
>  "chrisf" <usenetchris at ic-2000.com> wrote:

>> I have a DNS server that is making a large number of outgoing requests=
 to
>> the same IP address.  I also see weird stuff in the logs which are sho=
wn
>> below.  Our firewall is showing a extremely large number of outgoing
>> requests to the DNS port on a specific IP, but that IP address does no=
t show=20
>> up in any of our logs.  How can I go about pinpointing the problem?=20

> Turn on tracing in the DNS server, and look for trace messages referrin=
g=20
> to that IP.

Or start ethereal or tcpdump ( -s1400) somewhere among the path from the =
DNS-server
and outwards.=20


> --=20
> Barry Margolin, barmar at alum.mit.edu
> Arlington, MA
> *** PLEASE post questions in newsgroups, not directly to me ***


--=20
Peter H=E5kanson        =20
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out=
,
	   remove "icke-reklam" if you feel for mailing me. Thanx.


More information about the bind-users mailing list