From owner-freebsd-questions@FreeBSD.ORG  Sat Feb 28 11:20:55 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0B598106566B
	for <freebsd-questions@freebsd.org>;
	Sat, 28 Feb 2009 11:20:55 +0000 (UTC)
	(envelope-from freebsd@optimis.net)
Received: from mail.optimis.net (mail.optimis.net [69.104.191.124])
	by mx1.freebsd.org (Postfix) with ESMTP id 7A89E8FC14
	for <freebsd-questions@freebsd.org>;
	Sat, 28 Feb 2009 11:20:54 +0000 (UTC)
	(envelope-from freebsd@optimis.net)
Received: from marvin.optimis.net (marvin.optimis.net [192.168.1.3])
	by mail.optimis.net (8.14.2/8.14.2) with ESMTP id n1SAsDNa033185;
	Sat, 28 Feb 2009 02:54:13 -0800 (PST)
	(envelope-from freebsd@optimis.net)
Received: from marvin.optimis.net (localhost [127.0.0.1])
	by marvin.optimis.net (8.14.2/8.14.2) with ESMTP id n1SAsDRY033360;
	Sat, 28 Feb 2009 02:54:13 -0800 (PST)
	(envelope-from freebsd@optimis.net)
Received: (from george@localhost)
	by marvin.optimis.net (8.14.2/8.14.2/Submit) id n1SAsDBS033359;
	Sat, 28 Feb 2009 02:54:13 -0800 (PST)
	(envelope-from freebsd@optimis.net)
Date: Sat, 28 Feb 2009 02:54:13 -0800
From: George Davidovich <freebsd@optimis.net>
To: freebsd-questions@freebsd.org
Message-ID: <20090228105413.GB32023@marvin.optimis.net>
References: <20090228161606.N71460@sola.nimnet.asn.au>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20090228161606.N71460@sola.nimnet.asn.au>
User-Agent: Mutt/1.5.18 (2008-05-17)
Cc: Ian Smith <smithi@nimnet.asn.au>
Subject: Re: Odd DNS requests
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 28 Feb 2009 11:20:55 -0000

On Sat, Feb 28, 2009 at 04:32:47PM +1100, Ian Smith wrote:
> Recently we've had a Mac notebook of some sort on our LAN, that likes
> to make these DNS queries from time to time, to no avail, as noticed
> on a filtering bridge between the LAN and the router+DNS at
> 192.168.0.1:
> 
> 16:13:05.020397 192.168.0.59.53207 > 192.168.0.1.53:  63162+ PTR? b._dns-sd._udp.0.0.168.192.in-addr.arpa. (57) [tos 0x18]
> 16:13:05.021093 192.168.0.1.53 > 192.168.0.59.53207:  63162 NXDomain* 0/1/0 (128) (DF)
> 16:13:05.215790 192.168.0.59.64633 > 192.168.0.1.53:  61059+ PTR? db._dns-sd._udp.0.0.168.192.in-addr.arpa. (58) [tos 0x18]
> 16:13:05.216469 192.168.0.1.53 > 192.168.0.59.64633:  61059 NXDomain* 0/1/0 (129) (DF)
> 16:13:05.226242 192.168.0.59.61635 > 192.168.0.1.53:  6749+ PTR? r._dns-sd._udp.0.0.168.192.in-addr.arpa. (57) [tos 0x18]
> 16:13:05.226789 192.168.0.1.53 > 192.168.0.59.61635:  6749 NXDomain* 0/1/0 (128) (DF)
> 16:13:05.237319 192.168.0.59.56300 > 192.168.0.1.53:  21450+ PTR? dr._dns-sd._udp.0.0.168.192.in-addr.arpa. (58) [tos 0x18]
> 16:13:05.237842 192.168.0.1.53 > 192.168.0.59.56300:  21450 NXDomain* 0/1/0 (129) (DF)
> 16:13:05.248440 192.168.0.59.60806 > 192.168.0.1.53:  10032+ PTR? lb._dns-sd._udp.0.0.168.192.in-addr.arpa. (58) [tos 0x18]
> 16:13:05.249252 192.168.0.1.53 > 192.168.0.59.60806:  10032 NXDomain* 0/1/0 (129) (DF)
> 
> What exactly are these hoping to discover, and what needs turning off
> in the Mac's setup (OSX, most likely a recent version) to quell them?

DNS-Based Service Discovery:
<http://files.dns-sd.org/draft-cheshire-dnsext-dns-sd.txt>

Skip to the section titled: 

	12. Discovery of Browsing and Registration Domains (Domain
	Enumeration)'

when it gets boring.  There may be something more recent or more
authoritative, but that's what I have bookmarked.  

As for configuring the notebook, etc., perhaps someone else can chime
in.

-- 
George