Caching-only Name server does Zone Updates
ashish.rao at wipro.com
Tue Feb 3 05:31:37 UTC 2009
Thank you for your replies.
Our configuration file is fairly simple (I have changed the domain name for
cache . /etc/dnscache
We use BIND 4. Actually our DNS was doing a lot of CPU utilization, and when we
started it in debug mode we found that there was a reverse lookup for some
IP address which was in the dnscache file. (dnscache is the root hint file)
This started zone updates, as we can observe in the debug file which calls
Here is the debug file content (I have modified the IP address for security
reasons. Here 21.x.x.x is one of the entries in dnscache file. I mean that
there was a network address starting with 21 in our dnscache file)
dgram from 188.8.131.52, 22222 (2222)
req: nlookup(184.108.40.206.in-addr.arpa) id 111 type=11
req: found '220.127.116.11.in-addr.arpa' as '21.in-addr.arpa' (cname=0)
findns: np 0x6b41e
findns: 2 NS's added for '21'
nslookup: NS server01.example.grp.net c1 t2 (x0)
nslookup: 1 ns addrs
nslookup: NS cerver01.example.grp.net c1 t2 (x0)
nslookup: 2 ns addrs
nslookup: 2 ns addrs total
retrytime: nstime 0ms.
Dgram from 21.x.x.x
USER response nsid=xxxx id xxxx
Respose from upexpected source 21.x.x.x
Stime zzzzz/zzzzz now yyyyyy/yyyyyy rtt x
NS #2 addr 21.x.x.x used rtt y
NS #1 21.x.x.x rtt now z
Resp: ancount 0, aucount 1, arcount 0
Doupdate(zone 0, savens x, flags y)
Doupdate: dname 21.in-addr.arpa type 6 class 1 ttl 600
Db_update(21.in-addr.arpa, 0x12345, 0x56789, 087, 0x76543)
This is strange: there was an NSLOOKUP for some IP 18.104.22.168 which caused zone
updates, and we do not have any zone specified in our configuration file.
From: Niall O'Reilly [mailto:Niall.oReilly at ucd.ie]
Sent: Monday, February 02, 2009 7:50 PM
Cc: bind-users at lists.isc.org; Niall.oReilly at ucd.ie
Subject: Re: Caching-only Name server does Zone Updates
On Mon, 2009-02-02 at 17:25 +0530, Ashish wrote:
> Our DNS is configured as Caching-only Name server.
How do you know?
> However, it's still
> performing Zone updates like a Slave Name Server.
How many 'zone' sections are in your configuration?
Why not post your configuration file to the list,
so that we can see?