On Tue, October 9, 2007 12:25, Simon Arlott wrote:
> On Tue, October 9, 2007 09:25, Ask Bjørn Hansen wrote:
>> In particular we are getting a few hundred thousand PTR queries for
>> "0.0.0.0.p.t.t.h.ip6.arpa." every hour to the pool.ntp.org servers
>> ({a,b,c,d,e}.ntpns.org).
>>
>> After a bit of time staring at the log from my nameserver and tcpdump
>> output I realized it is people trying to resolve "http://north-
>> america.pool.ntp.org." (possibly with a broken request packet, I
>> didn't look that closely). Somehow Net::DNS::Nameserver translates
>> that to a PTR request.
>
> Your nameserver is broken.
>> Any suggestions? That's the operationally reasonable thing to do?
>
> Fix the nameserver so it returns NXDOMAIN to the query instead of
> inventing a PTR query? Perhaps this is a workaround in the server code
> for some other client bug... which you could disable.
Since the query contains a : and it's doing an ip6.arpa lookup, your
nameserver is incorrectly converting a request for "<ipv6 address>. A"
to "<reversed ipv6 address>.ip6.arpa. PTR" - presumably this can easily
be disabled.
--
Simon Arlott
_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
