Re: queries for external hostnames inside my domain?
You might want to look at the requestor machine's "search" domains. If the stub resolver starts appending search domains when it doesn't get a response it can use. Stuart On 8/9/20, 09:51, "bind-users on behalf of L. A. Walsh" wrote: Notice: This email is from an external sender. On 9/7/2020 4:03 PM, Greg Rivers wrote: > On Monday, 7 September 2020 17:46:47 CDT L. A. Walsh wrote: >> First I'll see some server name: >> >> 05-Sep-2020 15:30:23.374 queries: info: client @0x7fbcb804e720 >> 127.0.0.1#36542 (PeerSrv.org): view internal: query: PeerSrv.org IN >> + (127.0.0.1) >> >> followed by a 2nd one: >> >> 05-Sep-2020 15:30:24.316 queries: info: client @0x7fbce40d5100 >> 127.0.0.1#36542 (PeerSrv.org.internal.Tlinx.org): view internal: >> query:PeerSrv.org.internal.Tlinx.org IN + (127.0.0.1) >> >> Where internal is a subdomain within tlinx.org. >> >> wondering why I >> see a 2nd lookup with the query looking for the domain inside my internal >> domain. >> >> Anyone seen this behavior before? >> >> It probably doesn't add up to even 1% of my lookups, but I am >> curious. >> > Those are not "IPv6 queries", they are queries over IPv4 for records, - Good point -- even as I asked that I had something like that scratching on the inside of my head that I didn't quite remember or get. That makes sense. I know the other comes from inside my dom as well, but why the ipv6 queries generate both an absolute query (from dns-root), and a relative query inside my domain? When I look at it, I can tell it looks odd and something seems to be looking up external domains from the internal interface, but what might be causing it to also look for it in the internal domain? A program bug? Thanks! ___ Please visit https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/bind-users__;!!N14HnBHF!vysYKWt_ec-btTnWt9H139TT3Kad4eUDbDHXLUG5DomMtkcukRYVVT6ckw8DzCt-sNgqYVQ$ to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://urldefense.com/v3/__https://www.isc.org/contact/__;!!N14HnBHF!vysYKWt_ec-btTnWt9H139TT3Kad4eUDbDHXLUG5DomMtkcukRYVVT6ckw8DzCt-nD1Yklc$ for more information. bind-users mailing list bind-users@lists.isc.org https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/bind-users__;!!N14HnBHF!vysYKWt_ec-btTnWt9H139TT3Kad4eUDbDHXLUG5DomMtkcukRYVVT6ckw8DzCt-sNgqYVQ$ ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: queries for external hostnames inside my domain?
On 9/7/2020 4:03 PM, Greg Rivers wrote: > On Monday, 7 September 2020 17:46:47 CDT L. A. Walsh wrote: >> First I'll see some server name: >> >> 05-Sep-2020 15:30:23.374 queries: info: client @0x7fbcb804e720 >> 127.0.0.1#36542 (PeerSrv.org): view internal: query: PeerSrv.org IN >> + (127.0.0.1) >> >> followed by a 2nd one: >> >> 05-Sep-2020 15:30:24.316 queries: info: client @0x7fbce40d5100 >> 127.0.0.1#36542 (PeerSrv.org.internal.Tlinx.org): view internal: >> query:PeerSrv.org.internal.Tlinx.org IN + (127.0.0.1) >> >> Where internal is a subdomain within tlinx.org. >> >> wondering why I >> see a 2nd lookup with the query looking for the domain inside my internal >> domain. >> >> Anyone seen this behavior before? >> >> It probably doesn't add up to even 1% of my lookups, but I am >> curious. >> > Those are not "IPv6 queries", they are queries over IPv4 for records, - Good point -- even as I asked that I had something like that scratching on the inside of my head that I didn't quite remember or get. That makes sense. I know the other comes from inside my dom as well, but why the ipv6 queries generate both an absolute query (from dns-root), and a relative query inside my domain? When I look at it, I can tell it looks odd and something seems to be looking up external domains from the internal interface, but what might be causing it to also look for it in the internal domain? A program bug? Thanks! ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: queries for IPV6 records on IPV4-only machine.
On Monday, 7 September 2020 17:46:47 CDT L. A. Walsh wrote: > > I am having some queries that I wouldn't think I'd have: > > I have a split-view ipv4-only named 9.11.2 server that is run with the > "-4" switch, yet I see attempted queries in my queries log. I have it > set as authoritative for the internal domain (though technically I think > it is classified as a lame delegation), and caching only for everything > else. > > First I'll see some server name: > > 05-Sep-2020 15:30:23.374 queries: info: client @0x7fbcb804e720 > 127.0.0.1#36542 (PeerSrv.org): view internal: query: PeerSrv.org IN > + (127.0.0.1) > > followed by a 2nd one: > > 05-Sep-2020 15:30:24.316 queries: info: client @0x7fbce40d5100 > 127.0.0.1#36542 (PeerSrv.org.internal.Tlinx.org): view internal: > query:PeerSrv.org.internal.Tlinx.org IN + (127.0.0.1) > > Where internal is a subdomain within tlinx.org. > > Am wondering why I'm seeing _any_ IPV6 lookups and wondering why I > see a 2nd lookup with the query looking for the domain inside my internal > domain. > > Anyone seen this behavior before? > > It probably doesn't add up to even 1% of my lookups, but I am > curious. > Those are not "IPv6 queries", they are queries over IPv4 for records, sourced from the IPv4 loopback address of your own DNS server. It's common for resolver libraries to ask for both A and records. The fact that you have constrained your named to use only IPv4 transport does not change that behavior. -- Greg ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
queries for IPV6 records on IPV4-only machine.
I am having some queries that I wouldn't think I'd have: I have a split-view ipv4-only named 9.11.2 server that is run with the "-4" switch, yet I see attempted queries in my queries log. I have it set as authoritative for the internal domain (though technically I think it is classified as a lame delegation), and caching only for everything else. First I'll see some server name: 05-Sep-2020 15:30:23.374 queries: info: client @0x7fbcb804e720 127.0.0.1#36542 (PeerSrv.org): view internal: query: PeerSrv.org IN + (127.0.0.1) followed by a 2nd one: 05-Sep-2020 15:30:24.316 queries: info: client @0x7fbce40d5100 127.0.0.1#36542 (PeerSrv.org.internal.Tlinx.org): view internal: query:PeerSrv.org.internal.Tlinx.org IN + (127.0.0.1) Where internal is a subdomain within tlinx.org. Am wondering why I'm seeing _any_ IPV6 lookups and wondering why I see a 2nd lookup with the query looking for the domain inside my internal domain. Anyone seen this behavior before? It probably doesn't add up to even 1% of my lookups, but I am curious. Thanks! Linda ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Do not cache certain domains
Hi, Without having to alter the TTL of the existing RRs as well as the default TTL. I know this can be done using cache-max-ttl to limit the whole cache, but can this be done for say one single or multiple defined domains only? Thanks ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users