BIND Log File Entries

Home » CentOS » BIND Log File Entries
CentOS 4 Comments

This morning I see this in the syslog on our primary public DNS host.

internal_send: 142.77.1.1#33950: Connection timed out: 1 Time(s)
internal_send: 142.77.1.1#35153: Connection timed out: 1 Time(s)
internal_send: 142.77.1.1#35644: Connection timed out: 1 Time(s)
internal_send: 142.77.1.1#49394: Connection timed out: 1 Time(s)
internal_send: 142.77.1.1#49816: Connection timed out: 1 Time(s)
internal_send: 142.77.1.1#49929: Connection timed out: 1 Time(s)
internal_send: 142.77.1.1#50281: Connection timed out: 1 Time(s)
internal_send: 142.77.1.1#50453: Connection timed out: 1 Time(s)
internal_send: 142.77.1.1#50534: Connection timed out: 1 Time(s)
. . . (x100s)

dig -x 142.77.1.1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> -x 142.77.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31154 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;1.1.77.142.in-addr.arpa. IN PTR ;; ANSWER SECTION: 1.1.77.142.in-addr.arpa. 604800 IN PTR ns.uunet.ca. ;; AUTHORITY SECTION: 77.142.in-addr.arpa. 86400 IN NS ns.uunet.ca. 77.142.in-addr.arpa. 86400 IN NS AUTH01.NS.UU.NET. 77.142.in-addr.arpa. 86400 IN NS NS2.uunet.ca. ;; ADDITIONAL SECTION: AUTH01.NS.UU.NET. 167 IN A 198.6.1.81 ns.uunet.ca. 86400 IN A 142.77.1.1 NS2.uunet.ca. 86400 IN A 142.77.1.5 ;; Query time: 114 msec ;; SERVER: 216.185.71.33#53(216.185.71.33) ;; WHEN: Thu May 1 09:59:50 2014 ;; MSG SIZE rcvd: 176 What is this and why is it happening?

4 thoughts on - BIND Log File Entries

  • Some of my digging turns up the possibility that your system is trying to perform IPv6 DNS queries against an IPv4 DNS server.

  • I think that you will receive the directly addressed message without any indication of spam. The one routed through the Mailing list will probably be flagged unless you have white-listed me.

    The CentOS list uses Mailman (2.1.12) and as another has pointed out, recent changes to DMARC enforcement at Yahoo, AOL, and now apparently Google, causes DKIM signed email forwarded though mailman to fail the authentication checks relating to DKIM. This is either treated as suspicious (as is apparently the case with Google) or rejected outright, as is the case with Yahoo and AOL.

    We really need Mailman 2.1.18 as this fixes a lot of bugs with DKIM handling still present in 2.1.16/17 but .18 is only at the RC3 stage of release.

  • James B. Byrne wrote:
    Google, authentication apparently and AOL. release.

    I see folks are annoyed at being blacklisted….

    This is a test, to see if the mailserver that my giant hosting provider uses is still totally banned by those morons at iX who run dnsbl.manitu.com….

    mark

  • From: James B. Byrne

    I use yahoo mail for my mailing lists and I “only lost” around 5 of them (disabled

    because of bounced messages) out of 22. And, as you guessed, CentOS ml seems unaffected so far.

    JD