is your host or dhcp server sending dns dynamic updates for rfc1918?
Paul Vixie
paul at vix.com
Fri Apr 19 15:34:26 UTC 2002
> > according to http://root-servers.org/, dns transactions concerning rfc1918
> > address space are now being served by an anycast device near you ...
>
> And right you are. However, pray tell, why doesn't bind feature a simple way
> to not log these spurious updates? As far as I can tell lots of people want
> to just ignore these messages but can only do so by turning off all security
> logging.
that question belongs on bind-users at isc.org, i suspect. but i'll answer: if
you redirect the "update" and "security" categories to channel "null" then it
works like you want. if there was demand, ISC would make a specific category
called "failed-updates" so that other security related events wouldn't have
to be nulled at the same time.
> Please note that PowerDNS is just as silly in this respect up to 1.99.9. The
> next version features --log-failed-updates which defaults to off.
not all failed updates are spurious. i recommend against this as a default.
More information about the NANOG
mailing list