DNS - named: ignoring out-of-zone data

Friday, February 22, 2008

Using BIND? And getting an error like the following:

named[375]: master/domain.org:11: ignoring out-of-zone data ns2.mine.net.id

Same here :P

At first I thought there was a mistake in the zone file. But after looking it over as quickly as I could, everything seemed correct? What's going on here.. what's going on.. :p
I tried querying from outside for the domain that had the error and it worked, and checking from DNS-check sites also found its records.

In the end I just left it alone, since it didn't seem to have any effect..
Until this morning, when an email came from the boss, who had found that log and told me to find out why..
Actually I was confused too, because searching on Google didn't turn up anything, and whatever I did find was all related to incorrectly written zones..

As luck would have it, an additional error showed up, root. server blah blah.. too bad the log is gone :(
Without thinking long about it, on a whim I tried replacing the named.root file

# dig @a.root-servers.net . ns > named.root
# rndc reload

Hurray.. thank God.. I looked at the log and it was clean.. and queries went through smoothly too.. muach...

Oops.. don't celebrate yet.. there was another trial.. this error showed up in the log, and lots of it..

Feb 22 09:36:46 dns1 named[1376]: client IP#57305: RFC 1918 response from Internet for 3.0.168.192.in-addr.arpa

Fortunately it is in the FAQ:


Q: What does "RFC 1918 response from Internet for 0.0.0.10.IN-ADDR.ARPA" mean?

A: If the IN-ADDR.ARPA name covered refers to an internal address space you are using then you have failed to follow RFC 1918 usage rules and are leaking queries to the Internet. You should establish your own zones for these addresses to prevent you querying the Internet's name servers for these addresses. Please see http://as112.net/ for details of the problems you are causing and the counter measures that have had to be deployed.

If you are not using these private addresses then a client has queried for them. You can just ignore the messages, get the offending client to stop sending you these messages as they are most probably leaking them or set up your own empty zones to serve answers to these queries.

    zone "10.IN-ADDR.ARPA" {
        type master;
        file "empty";
    };
    zone "16.172.IN-ADDR.ARPA" {
        type master;
        file "empty";
    };
    ...
    zone "31.172.IN-ADDR.ARPA" {
        type master;
        file "empty";
    };
    zone "168.192.IN-ADDR.ARPA" {
        type master;
        file "empty";
    };

empty:

    @ 10800 IN SOA . . (
            1 3600 1200 604800 10800 )
    @ 10800 IN NS .


Hahaha.. such fancy English.. what's clear is that my DNS isn't used to query local IPs, so following the advice above I added those zones.. then reloaded.
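
The FAQ excerpt abbreviates the zone list between 16.172 and 31.172. As an added example (not part of the original post or of the BIND FAQ), this Python script expands the full RFC 1918 reverse-zone list, maps logged leak messages to the empty zone that would absorb them, and renders the stanzas; the sample log lines and their client addresses are constructed.

```python
import re
from collections import Counter

# Message format taken from the named log line quoted in the post.
LEAK_RE = re.compile(r"RFC 1918 response from Internet for (\S+)")

def rfc1918_reverse_zones():
    """Reverse zones covering 10/8, 172.16/12 and 192.168/16 (18 in total)."""
    zones = ["10.IN-ADDR.ARPA"]
    zones += [f"{n}.172.IN-ADDR.ARPA" for n in range(16, 32)]
    zones.append("168.192.IN-ADDR.ARPA")
    return zones

def covering_zone(qname):
    """Return the empty zone that would answer qname locally, or None."""
    labels = qname.rstrip(".").upper().split(".")
    for zone in rfc1918_reverse_zones():
        zone_labels = zone.split(".")
        if labels[-len(zone_labels):] == zone_labels:
            return zone
    return None

def leaks_by_zone(log_lines):
    """Count leaked private reverse lookups per covering zone."""
    counts = Counter()
    for line in log_lines:
        match = LEAK_RE.search(line)
        zone = covering_zone(match.group(1)) if match else None
        if zone:
            counts[zone] += 1
    return counts

def named_conf(zones):
    """Render named.conf stanzas in the layout the FAQ uses."""
    return "\n".join(f'zone "{z}" {{\n\ttype master;\n\tfile "empty";\n}};' for z in zones)

# Constructed sample log; client addresses are documentation-range placeholders.
SAMPLE_LOG = [
    "Feb 22 09:36:46 dns1 named[1376]: client 192.0.2.10#57305: RFC 1918 response from Internet for 3.0.168.192.in-addr.arpa",
    "Feb 22 09:36:47 dns1 named[1376]: client 192.0.2.11#40112: RFC 1918 response from Internet for 7.1.20.172.in-addr.arpa",
    "Feb 22 09:36:49 dns1 named[1376]: client 192.0.2.10#57306: RFC 1918 response from Internet for 9.0.168.192.in-addr.arpa",
    "Feb 22 09:37:02 dns1 named[1376]: zone domain.org/IN: loaded serial 2008022201",
]

if __name__ == "__main__":
    for zone, hits in leaks_by_zone(SAMPLE_LOG).most_common():
        print(f"# {hits} leaked queries would be absorbed by {zone}")
    print(named_conf(rfc1918_reverse_zones()))
```

Each generated stanza points at the same "empty" zone file shown in the FAQ, so one file serves all 18 zones.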
