DNS : logs étranges
Le
Michel Grentzinger
Bonjour,
J'ai des logs étranges dans mon syslog. Mon serveur est destiné =
à fournir un
DNS cache à mes postes locaux et un DNS/DHCP dynamique pour mon rÃ=
©seau local.
Exemple :
Apr 28 07:48:04 kayak named[5913]: network unreachable
resolving 'NS.LACNIC.NET/AAAA/IN': 2001:503:231d::2:30#53
J'ai déjà posté sur un sujet similaire :
http://lists.debian.org/debian-user...00283.html
J'ai du laisser ceci dans mon named.conf.local
edns-udp-size 512;
max-udp-size 512;
Ci-dessous une partie des logs sachant que j'accèd à presque tous=
les sites notés comme "netwok unreachable" :
L'IPv6 est-il pour quelque chose ?
[root@kayak]:~ # cat /var/log/syslog | grep named | grep -v "127.0.0.1"
Apr 28 07:40:15 kayak named[5913]: network unreachable
resolving 'TINNIE.ARIN.NET/A/IN': 2001:503:a83e::2:30#53
Apr 28 07:40:15 kayak named[5913]: network unreachable
resolving 'TINNIE.ARIN.NET/AAAA/IN': 2001:503:a83e::2:30#53
Apr 28 07:48:04 kayak named[5913]: network unreachable
resolving 'NS.LACNIC.NET/A/IN': 2001:503:231d::2:30#53
Apr 28 07:48:04 kayak named[5913]: network unreachable
resolving 'NS.LACNIC.NET/AAAA/IN': 2001:503:231d::2:30#53
Apr 28 07:48:06 kayak named[5913]: network unreachable
resolving 'dns1.fz.fj.cn/A/IN': 2001:dc7::1#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving 'ns3.xs4all.nl/A/IN': 2001:4f8:0:2::13#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving 'ns3.xs4all.nl/AAAA/IN': 2001:4f8:0:2::13#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving 'ns1.cs.ucl.ac.uk/A/IN': 2001:630:0:9::14#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving '50.128.210.62.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:2#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving 'ns1.cs.ucl.ac.uk/A/IN': 2001:630:0:8::14#53
Apr 28 08:53:42 kayak named[5913]: network unreachable
resolving '121.30.13.201.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:1#53
Apr 28 08:53:42 kayak named[5913]: network unreachable
resolving '121.30.13.201.iadb.isipp.com/A/IN':
2001:470:1:41:a800:ff:fe50:3143#53
Apr 28 08:53:42 kayak named[5913]: too many timeouts
resolving '121.30.13.201.zen.spamhaus.org/A' (in 'zen.spamhaus.org'?):
disabling EDNS
Apr 28 08:53:51 kayak named[5913]: network unreachable
resolving '239.252.93.81.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:2#53
Apr 28 08:53:51 kayak named[5913]: network unreachable
resolving 'ns2.sd-france.net/A/IN': 2001:503:a83e::2:30#53
Apr 28 08:53:51 kayak named[5913]: network unreachable
resolving 'ns2.sd-france.net/AAAA/IN': 2001:503:a83e::2:30#53
Apr 28 08:53:51 kayak named[5913]: too many timeouts
resolving '239.252.93.81.zen.spamhaus.org/A' (in 'zen.spamhaus.org'?):
disabling EDNS
Apr 28 08:53:52 kayak named[5913]: network unreachable
resolving '13.171.200.193.sbl.spamhaus.org/TXT/IN': 2001:7b8:3:1f:0:2:53:1#=
53
Apr 28 08:53:52 kayak named[5913]: too many timeouts
resolving '13.171.200.193.sbl.spamhaus.org/TXT' (in 'sbl.spamhaus.org'?):
disabling EDNS
Apr 28 08:53:53 kayak named[5913]: network unreachable
resolving 'ns6.netnames.net/A/IN': 2001:503:231d::2:30#53
Apr 28 08:53:53 kayak named[5913]: network unreachable
resolving 'ns6.netnames.net/AAAA/IN': 2001:503:231d::2:30#53
Apr 28 08:54:02 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 204.74.109.1#53
Apr 28 08:54:02 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 204.74.115.1#53
Apr 28 08:54:02 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 199.7.68.1#53
Apr 28 08:54:03 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 204.74.114.1#53
Apr 28 08:54:03 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 199.7.69.1#53
Apr 28 08:54:03 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 204.74.108.1#53
Apr 28 08:54:03 kayak named[5913]: network unreachable
resolving 'adns.yieldmanager.com/AAAA/IN': 2001:502:4612::1#53
Apr 28 08:54:03 kayak named[5913]: network unreachable
resolving 'adns.yieldmanager.com/AAAA/IN': 2001:502:f3ff::1#53
Apr 28 08:54:04 kayak named[5913]: too many timeouts
resolving 'web3.radionomy.com/AAAA' (in 'radionomy.com'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 09:48:35 kayak named[5913]: network unreachable
resolving 'xoap.weather.com/AAAA/IN': 2001:503:231d::2:30#53
Apr 28 11:10:54 kayak named[5913]: unexpected RCODE (REFUSED)
resolving 'www.voyages-nf.com/A/IN': 83.169.77.74#53
Apr 28 11:10:54 kayak named[5913]: unexpected RCODE (SERVFAIL)
resolving 'www.voyages-nf.com/A/IN': 212.37.204.18#53
Apr 28 11:21:42 kayak named[5913]: network unreachable
resolving 'www.britax-romer.fr/A/IN': 2a02:2b8:1:406::724:142#53
Apr 28 11:21:42 kayak named[5913]: network unreachable
resolving 'www.britax-romer.fr/A/IN': 2a02:2b8:1:406::724:136#53
Apr 28 11:21:42 kayak named[5913]: network unreachable
resolving 'ns1.host7x24.com/A/IN': 2001:503:a83e::2:30#53
Apr 28 11:48:42 kayak named[5913]: network unreachable
resolving 'xoap.weather.com/AAAA/IN': 2001:503:231d::2:30#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving '42.243.133.211.in-addr.arpa/PTR/IN': 2001:dc0:1:0:4777::131#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving 'a.dns.jp/A/IN': 2001:dc4::1#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving 'a.dns.jp/A/IN': 2001:dc2::1#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving 'ns01.idc.jp/A/IN': 2001:502:d399::245#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving 'ns01.idc.jp/AAAA/IN': 2001:502:d399::245#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '126.22.96.84.combined.njabl.org/A/IN': 2001:500:e::1#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '126.22.96.84.combined.njabl.org/A/IN': 2001:500:f::1#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '126.22.96.84.combined.njabl.org/A/IN': 2001:500:b::1#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '72.22.96.84.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:1#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '72.22.96.84.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:2#53
Apr 28 14:01:37 kayak named[5913]: too many timeouts
resolving '72.22.96.84.zen.spamhaus.org/A' (in 'zen.spamhaus.org'?):
disabling EDNS
Apr 28 14:01:37 kayak named[5913]: network unreachable
resolving 'globalisnet.com/SPF/IN': 2001:470:300::2#53
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'ltns2.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'sgns1.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'spns3.returnpath.net/A' (in 'returnpath.net'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'spns3.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'xlns2.returnpath.net/A' (in 'returnpath.net'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'eukns1.returnpath.net/A' (in 'returnpath.net'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'xlns11.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'eukns1.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'xlns3.returnpath.net/A' (in 'returnpath.net'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:42 kayak named[5913]: too many timeouts
resolving 's1.returnpath.net/AAAA' (in 'returnpath.net'?): disabling EDNS
Apr 28 14:01:43 kayak named[5913]: too many timeouts
resolving '126.22.96.84.sa-other.bondedsender.org/TXT'
(in 'sa-other.bondedsender.org'?): disabling EDNS
Apr 28 14:01:58 kayak named[5913]: too many timeouts
resolving 'ltns3.returnpath.net/A' (in 'returnpath.net'?): disabling EDNS
Apr 28 14:01:58 kayak named[5913]: too many timeouts
resolving 'spns5.returnpath.net/A' (in 'returnpath.net'?): disabling EDNS
Apr 28 14:24:54 kayak named[5913]: lame server resolving 'www.sexyloo.com'=
(in 'sexyloo.com'?): 213.251.165.197#53
Apr 28 14:25:03 kayak named[5913]: network unreachable
resolving 'dns1.hosteur.com/A/IN': 2001:503:a83e::2:30#53
Apr 28 14:25:03 kayak named[5913]: network unreachable
resolving 'dns1.hosteur.com/AAAA/IN': 2001:503:a83e::2:30#53
Apr 28 14:25:06 kayak named[5913]: lame server resolving 'www.ak14.net'
(in 'ak14.net'?): 212.27.32.132#53
Apr 28 14:25:09 kayak named[5913]: network unreachable
resolving 'www.icra.org/AAAA/IN': 2001:500:40::1#53
Apr 28 14:25:09 kayak named[5913]: network unreachable
resolving 'www.icra.org/AAAA/IN': 2001:500:c::1#53
Apr 28 14:25:11 kayak named[5913]: lame server resolving 'ns1.xeon-quad.net=
'
(in 'xeon-quad.net'?): 87.98.160.59#53
Apr 28 14:25:11 kayak named[5913]: lame server resolving 'ns2.xeon-quad.net=
'
(in 'xeon-quad.net'?): 87.98.160.59#53
Apr 28 14:25:11 kayak named[5913]: lame server resolving 'ns1.xeon-quad.net=
'
(in 'xeon-quad.net'?): 94.23.21.59#53
Apr 28 14:25:11 kayak named[5913]: lame server resolving 'ns2.xeon-quad.net=
'
(in 'xeon-quad.net'?): 94.23.21.59#53
Apr 28 14:25:12 kayak named[5913]: too many timeouts
resolving 'gratuit.hitclic.com/AAAA' (in 'hitclic.com'?): disabling EDNS
Apr 28 14:41:12 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 217.174.200.97#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 67.30.129.90#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 213.205.102.3#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 217.174.200.97#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 213.205.102.3#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 67.30.129.90#53
Apr 28 14:41:18 kayak named[5913]: FORMERR
resolving 'hc1.equipement.gouv.fr/AAAA/IN': 83.206.157.248#53
Apr 28 14:41:18 kayak named[5913]: FORMERR
resolving 'hc1.equipement.gouv.fr/AAAA/IN': 194.5.172.248#53
Apr 28 14:41:18 kayak named[5913]: FORMERR
resolving 'hc1.equipement.gouv.fr/AAAA/IN': 194.5.172.248#53
Apr 28 14:41:18 kayak named[5913]: FORMERR
resolving 'hc1.equipement.gouv.fr/AAAA/IN': 83.206.157.248#53
--
Michel Grentzinger
OpenPGP key ID : B2BAFAFA
Available on http://www.keyserver.net
--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists Vous pouvez aussi ajouter le mot
``spam'' dans vos champs "From" et "Reply-To:"
Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers debian-user-french-REQUEST@lists.debian.org
En cas de soucis, contactez EN ANGLAIS listmaster@lists.debian.org
J'ai des logs étranges dans mon syslog. Mon serveur est destiné =
à fournir un
DNS cache à mes postes locaux et un DNS/DHCP dynamique pour mon rÃ=
©seau local.
Exemple :
Apr 28 07:48:04 kayak named[5913]: network unreachable
resolving 'NS.LACNIC.NET/AAAA/IN': 2001:503:231d::2:30#53
J'ai déjà posté sur un sujet similaire :
http://lists.debian.org/debian-user...00283.html
J'ai du laisser ceci dans mon named.conf.local
edns-udp-size 512;
max-udp-size 512;
Ci-dessous une partie des logs sachant que j'accèd à presque tous=
les sites notés comme "netwok unreachable" :
L'IPv6 est-il pour quelque chose ?
[root@kayak]:~ # cat /var/log/syslog | grep named | grep -v "127.0.0.1"
Apr 28 07:40:15 kayak named[5913]: network unreachable
resolving 'TINNIE.ARIN.NET/A/IN': 2001:503:a83e::2:30#53
Apr 28 07:40:15 kayak named[5913]: network unreachable
resolving 'TINNIE.ARIN.NET/AAAA/IN': 2001:503:a83e::2:30#53
Apr 28 07:48:04 kayak named[5913]: network unreachable
resolving 'NS.LACNIC.NET/A/IN': 2001:503:231d::2:30#53
Apr 28 07:48:04 kayak named[5913]: network unreachable
resolving 'NS.LACNIC.NET/AAAA/IN': 2001:503:231d::2:30#53
Apr 28 07:48:06 kayak named[5913]: network unreachable
resolving 'dns1.fz.fj.cn/A/IN': 2001:dc7::1#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving 'ns3.xs4all.nl/A/IN': 2001:4f8:0:2::13#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving 'ns3.xs4all.nl/AAAA/IN': 2001:4f8:0:2::13#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving 'ns1.cs.ucl.ac.uk/A/IN': 2001:630:0:9::14#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving '50.128.210.62.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:2#53
Apr 28 08:49:12 kayak named[5913]: network unreachable
resolving 'ns1.cs.ucl.ac.uk/A/IN': 2001:630:0:8::14#53
Apr 28 08:53:42 kayak named[5913]: network unreachable
resolving '121.30.13.201.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:1#53
Apr 28 08:53:42 kayak named[5913]: network unreachable
resolving '121.30.13.201.iadb.isipp.com/A/IN':
2001:470:1:41:a800:ff:fe50:3143#53
Apr 28 08:53:42 kayak named[5913]: too many timeouts
resolving '121.30.13.201.zen.spamhaus.org/A' (in 'zen.spamhaus.org'?):
disabling EDNS
Apr 28 08:53:51 kayak named[5913]: network unreachable
resolving '239.252.93.81.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:2#53
Apr 28 08:53:51 kayak named[5913]: network unreachable
resolving 'ns2.sd-france.net/A/IN': 2001:503:a83e::2:30#53
Apr 28 08:53:51 kayak named[5913]: network unreachable
resolving 'ns2.sd-france.net/AAAA/IN': 2001:503:a83e::2:30#53
Apr 28 08:53:51 kayak named[5913]: too many timeouts
resolving '239.252.93.81.zen.spamhaus.org/A' (in 'zen.spamhaus.org'?):
disabling EDNS
Apr 28 08:53:52 kayak named[5913]: network unreachable
resolving '13.171.200.193.sbl.spamhaus.org/TXT/IN': 2001:7b8:3:1f:0:2:53:1#=
53
Apr 28 08:53:52 kayak named[5913]: too many timeouts
resolving '13.171.200.193.sbl.spamhaus.org/TXT' (in 'sbl.spamhaus.org'?):
disabling EDNS
Apr 28 08:53:53 kayak named[5913]: network unreachable
resolving 'ns6.netnames.net/A/IN': 2001:503:231d::2:30#53
Apr 28 08:53:53 kayak named[5913]: network unreachable
resolving 'ns6.netnames.net/AAAA/IN': 2001:503:231d::2:30#53
Apr 28 08:54:02 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 204.74.109.1#53
Apr 28 08:54:02 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 204.74.115.1#53
Apr 28 08:54:02 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 199.7.68.1#53
Apr 28 08:54:03 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 204.74.114.1#53
Apr 28 08:54:03 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 199.7.69.1#53
Apr 28 08:54:03 kayak named[5913]: FORMERR
resolving 'adns.yieldmanager.com/AAAA/IN': 204.74.108.1#53
Apr 28 08:54:03 kayak named[5913]: network unreachable
resolving 'adns.yieldmanager.com/AAAA/IN': 2001:502:4612::1#53
Apr 28 08:54:03 kayak named[5913]: network unreachable
resolving 'adns.yieldmanager.com/AAAA/IN': 2001:502:f3ff::1#53
Apr 28 08:54:04 kayak named[5913]: too many timeouts
resolving 'web3.radionomy.com/AAAA' (in 'radionomy.com'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 09:48:35 kayak named[5913]: network unreachable
resolving 'xoap.weather.com/AAAA/IN': 2001:503:231d::2:30#53
Apr 28 11:10:54 kayak named[5913]: unexpected RCODE (REFUSED)
resolving 'www.voyages-nf.com/A/IN': 83.169.77.74#53
Apr 28 11:10:54 kayak named[5913]: unexpected RCODE (SERVFAIL)
resolving 'www.voyages-nf.com/A/IN': 212.37.204.18#53
Apr 28 11:21:42 kayak named[5913]: network unreachable
resolving 'www.britax-romer.fr/A/IN': 2a02:2b8:1:406::724:142#53
Apr 28 11:21:42 kayak named[5913]: network unreachable
resolving 'www.britax-romer.fr/A/IN': 2a02:2b8:1:406::724:136#53
Apr 28 11:21:42 kayak named[5913]: network unreachable
resolving 'ns1.host7x24.com/A/IN': 2001:503:a83e::2:30#53
Apr 28 11:48:42 kayak named[5913]: network unreachable
resolving 'xoap.weather.com/AAAA/IN': 2001:503:231d::2:30#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving '42.243.133.211.in-addr.arpa/PTR/IN': 2001:dc0:1:0:4777::131#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving 'a.dns.jp/A/IN': 2001:dc4::1#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving 'a.dns.jp/A/IN': 2001:dc2::1#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving 'ns01.idc.jp/A/IN': 2001:502:d399::245#53
Apr 28 13:24:58 kayak named[5913]: network unreachable
resolving 'ns01.idc.jp/AAAA/IN': 2001:502:d399::245#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '126.22.96.84.combined.njabl.org/A/IN': 2001:500:e::1#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '126.22.96.84.combined.njabl.org/A/IN': 2001:500:f::1#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '126.22.96.84.combined.njabl.org/A/IN': 2001:500:b::1#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '72.22.96.84.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:1#53
Apr 28 14:01:36 kayak named[5913]: network unreachable
resolving '72.22.96.84.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:2#53
Apr 28 14:01:37 kayak named[5913]: too many timeouts
resolving '72.22.96.84.zen.spamhaus.org/A' (in 'zen.spamhaus.org'?):
disabling EDNS
Apr 28 14:01:37 kayak named[5913]: network unreachable
resolving 'globalisnet.com/SPF/IN': 2001:470:300::2#53
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'ltns2.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'sgns1.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'spns3.returnpath.net/A' (in 'returnpath.net'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'spns3.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'xlns2.returnpath.net/A' (in 'returnpath.net'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'eukns1.returnpath.net/A' (in 'returnpath.net'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'xlns11.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'eukns1.returnpath.net/AAAA' (in 'returnpath.net'?): reducing the=
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:38 kayak named[5913]: too many timeouts
resolving 'xlns3.returnpath.net/A' (in 'returnpath.net'?): reducing the
advertised EDNS UDP packet size to 512 octets
Apr 28 14:01:42 kayak named[5913]: too many timeouts
resolving 's1.returnpath.net/AAAA' (in 'returnpath.net'?): disabling EDNS
Apr 28 14:01:43 kayak named[5913]: too many timeouts
resolving '126.22.96.84.sa-other.bondedsender.org/TXT'
(in 'sa-other.bondedsender.org'?): disabling EDNS
Apr 28 14:01:58 kayak named[5913]: too many timeouts
resolving 'ltns3.returnpath.net/A' (in 'returnpath.net'?): disabling EDNS
Apr 28 14:01:58 kayak named[5913]: too many timeouts
resolving 'spns5.returnpath.net/A' (in 'returnpath.net'?): disabling EDNS
Apr 28 14:24:54 kayak named[5913]: lame server resolving 'www.sexyloo.com'=
(in 'sexyloo.com'?): 213.251.165.197#53
Apr 28 14:25:03 kayak named[5913]: network unreachable
resolving 'dns1.hosteur.com/A/IN': 2001:503:a83e::2:30#53
Apr 28 14:25:03 kayak named[5913]: network unreachable
resolving 'dns1.hosteur.com/AAAA/IN': 2001:503:a83e::2:30#53
Apr 28 14:25:06 kayak named[5913]: lame server resolving 'www.ak14.net'
(in 'ak14.net'?): 212.27.32.132#53
Apr 28 14:25:09 kayak named[5913]: network unreachable
resolving 'www.icra.org/AAAA/IN': 2001:500:40::1#53
Apr 28 14:25:09 kayak named[5913]: network unreachable
resolving 'www.icra.org/AAAA/IN': 2001:500:c::1#53
Apr 28 14:25:11 kayak named[5913]: lame server resolving 'ns1.xeon-quad.net=
'
(in 'xeon-quad.net'?): 87.98.160.59#53
Apr 28 14:25:11 kayak named[5913]: lame server resolving 'ns2.xeon-quad.net=
'
(in 'xeon-quad.net'?): 87.98.160.59#53
Apr 28 14:25:11 kayak named[5913]: lame server resolving 'ns1.xeon-quad.net=
'
(in 'xeon-quad.net'?): 94.23.21.59#53
Apr 28 14:25:11 kayak named[5913]: lame server resolving 'ns2.xeon-quad.net=
'
(in 'xeon-quad.net'?): 94.23.21.59#53
Apr 28 14:25:12 kayak named[5913]: too many timeouts
resolving 'gratuit.hitclic.com/AAAA' (in 'hitclic.com'?): disabling EDNS
Apr 28 14:41:12 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 217.174.200.97#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 67.30.129.90#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 213.205.102.3#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 217.174.200.97#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 213.205.102.3#53
Apr 28 14:41:13 kayak named[5913]: FORMERR
resolving 'emploi.talents.fr/AAAA/IN': 67.30.129.90#53
Apr 28 14:41:18 kayak named[5913]: FORMERR
resolving 'hc1.equipement.gouv.fr/AAAA/IN': 83.206.157.248#53
Apr 28 14:41:18 kayak named[5913]: FORMERR
resolving 'hc1.equipement.gouv.fr/AAAA/IN': 194.5.172.248#53
Apr 28 14:41:18 kayak named[5913]: FORMERR
resolving 'hc1.equipement.gouv.fr/AAAA/IN': 194.5.172.248#53
Apr 28 14:41:18 kayak named[5913]: FORMERR
resolving 'hc1.equipement.gouv.fr/AAAA/IN': 83.206.157.248#53
--
Michel Grentzinger
OpenPGP key ID : B2BAFAFA
Available on http://www.keyserver.net
--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists Vous pouvez aussi ajouter le mot
``spam'' dans vos champs "From" et "Reply-To:"
Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers debian-user-french-REQUEST@lists.debian.org
En cas de soucis, contactez EN ANGLAIS listmaster@lists.debian.org
Poser une question
Michel Grentzinger
Hum, il doit être ouvert pour l'ipv6 et les réseaux extérieurs,
allow-recursion {192.168.0.0/24; 127.0.0.0/8;};
listen-on-v6 { fe00::0; };
dans named.conf.options devrait régler le problème.
(réseau local supposé être 192.168.0.0/24, il faut adapter)
François Boisson
--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists Vous pouvez aussi ajouter le mot
``spam'' dans vos champs "From" et "Reply-To:"
Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Dans la mesure ou mon firewall ne laisse rien entrer sur le port 53, est-ce
normal d'avoir ces logs ?
Mon firewall a-t-il un problème ?
Si je comprend bien, on autorise la résolution que pour le réseau local et
pour l'IPv6, on écoute uniquement les demandes venant le l'hôte local ?
Avant, j'avais :
listen-on-v6 { any; };
--
Michel Grentzinger
OpenPGP key ID : B2BAFAFA
Available on http://www.keyserver.net
--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists Vous pouvez aussi ajouter le mot
``spam'' dans vos champs "From" et "Reply-To:"
Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Michel Grentzinger a message of 232 lines which said:
Vos messages d'erreur sont relatifs à des serveurs IPv6. Comme
2001:503:231d::2:30 répond normalement, j'en déduis que c'est votre
connexion IPv6 qu'il faudrait déboguer.
Et j'ai déjà dit que c'était une très mauvaise idée :
- 512 octets est très bas pour les exigences du DNS d'aujourd'hui
(entre DNSSEC, IDN et IPv6)
- le problème ne semble pas du tout lié à EDNS
Puis-je demander comment vous avez testé cela ? Si c'est par ping,
cela ne vaut pas grand'chose, dans un Internet rempli de pare-feux,
ICMP peut être accessible et le DNS bloqué ou bien le contraire.
Si vous n'avez pas testé 2001:503:231d::2:30 avec dig, cela ne prouve
donc rien.
Il semble bien. Que donne un traceroute6 sur 2001:503:231d::2:30 ?
Là, c'est un tout autre problème (je n'en connais pas la cause : je
viens de tester 204.74.109.1 et il semble répondre correctement).
--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists Vous pouvez aussi ajouter le mot
``spam'' dans vos champs "From" et "Reply-To:"
Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
François Boisson a message of 32 lines which said:
Franchement, je ne vois pas le rapport. Son résolveur a du mal à se
connecter à certains serveurs externes, en quoi changer la liste des
clients autorisés pourrait-il aider ?
Sans compter que l'adresse donnée en listen-on-v6 est fausse, les
adresses lien-local (si c'était bien le but) sont en FE80::/8.
--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists Vous pouvez aussi ajouter le mot
``spam'' dans vos champs "From" et "Reply-To:"
Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Michel Grentzinger a message of 42 lines which said:
Tout à fait normal. Cela n'a rien à voir. Ces messages d'erreur sont
dûs à des interrogations venant de votre serveur.
--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists Vous pouvez aussi ajouter le mot
``spam'' dans vos champs "From" et "Reply-To:"
Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS