incorrect dns returned by public servers for our domain
David Miller
dmiller at tiggee.com
Thu Feb 24 07:06:40 UTC 2011
On 2/24/2011 1:19 AM, Matthew Seaman wrote:
> On 24/02/2011 04:14, Noel Butler wrote:
>> You can pretty much remove the entire statement now, as all /8's are
>> issued as of about two weeks ago.
> This works for me:
>
> lucid-nonsense:~/src/namedb:% cat acl-ipv4-bogons.conf
> // @(#) $Id: acl-ipv4-bogons.conf 800 2011-02-03 20:22:12Z matthew $
> //
> // Networks listed by IANA as test, RFC 1918, Multicast, Experimental,
> // etc. (RFC 5735)
> //
> // See: http://www.team-cymru.org/Services/Bogons/bogon-bn-agg.txt
>
> acl ipv4-bogons {
> 0.0.0.0/8;
> 10.0.0.0/8;
> 127.0.0.0/8;
> 169.254.0.0/16;
> 172.16.0.0/12;
> 192.0.0.0/24;
> 192.0.2.0/24;
> 192.168.0.0/16;
> 198.18.0.0/15;
> 198.51.100.0/24;
> 203.0.113.0/24;
> 224.0.0.0/3;
> };
> //
> // That's All Folks!
> //
>
> All of which are special purpose networks listed in RFC 5735 which you
> shouldn't be seeing any DNS query traffic from on the open internet.
> This bogon list is going to be static for the foreseeable future.
>
+ 192.88.99.0/24 // 6to4 relay anycast - can be destination of packets, *should* never be source
+ 240.0.0.0/4 // reserved for future use - likely to *never* be valid source - I block, YMMV
-DM
> Cheers,
>
> Matthew
>
>
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110224/2525779d/attachment.html>
More information about the bind-users
mailing list