Date: Thu, 27 Feb 2020 16:14:20 +0100 From: Mark Martinec <Mark.Martinec+freebsd@ijs.si> To: current@freebsd.org Subject: Re: lame reverse DNS? Message-ID: <b8da0bf28600781cbb649d3f5d50033f@ijs.si> In-Reply-To: <20200227093159.GS37073@home.opsec.eu> References: <db42c2a5-f42e-ee4a-5cf8-0136e0867105@protected-networks.net> <8736axm50b.wl-herbert@gojira.at> <20200227093159.GS37073@home.opsec.eu>
next in thread | previous in thread | raw e-mail | index | archive | help
>> The problem has been resolved but I still sometimes see "connect from >> unknown[2610:1c1:1:606c::19:2]" in the maillog (today: 6 of 131 >> connections). Local unbound issue? > That IPv6 has a valid reverse DNS record, so please try to investigate. Looks like an intermittent problem. Tried the following, with different resolvers (local and public): dig -t ptr 2.0.0.0.9.1.0.0.0.0.0.0.0.0.0.0.c.6.0.6.1.0.0.0.1.c.1.0.0.1.6.2.ip6.arpa @9.9.9.9 For example the quad-9 public resolver returned SERVFAIL several times, but eventually started returning the positive reply (NOERROR). There seems to be some mess with NS records and delegations of the domain 1.0.0.0.1.c.1.0.0.1.6.2.ip6.arpa . DNS checkers are complaining about a mismatch between NS records of this domain between a parent NS and domain's NS, e.g. auth1.ns.ny1.nyi.net vs. auth1.sea.ns.nyi.net . Try the domain 1.c.1.0.0.1.6.2.ip6.arpa at the checkers: https://network-tools.webwiz.net/dns-report.htm https://intodns.com/1.c.1.0.0.1.6.2.ip6.arpa https://zonemaster.iis.se/en/?resultid=5e30b31d6f0061c5 Mark
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b8da0bf28600781cbb649d3f5d50033f>