readthefuckingmanual.net

[SOLVED] RFC 1918 response from Internet

Error added: 2007-10-02T15:02:00Z

1 people waiting for the answer...

1 answers found.

Answer 632 (85.71429% helpful)

Per Stephane Bortzmeyer:

Q: What does \"RFC 1918 response from Internet for 0.0.0.10.IN-ADDR.ARPA\" mean?

A: If the IN-ADDR.ARPA name covered refers to a internal address space you are
   using then you have failed to follow RFC 1918 usage rules and are leaking
   queries to the Internet. You should establish your own zones for these
   addresses to prevent you querying the Internet\'s name servers for these
   addresses. Please see http://as112.net/ for details of the problems you are
   causing and the counter measures that have had to be deployed.

   If you are not using these private addresses then a client has queried for
   them. You can just ignore the messages, get the offending client to stop
   sending you these messages as they are most probably leaking them or setup your
   own zones empty zones to serve answers to these queries.

   zone \"10.IN-ADDR.ARPA\" {
           type master;
           file \"empty\";
   };

   zone \"16.172.IN-ADDR.ARPA\" {
           type master;
           file \"empty\";
   };

   ...

   zone \"31.172.IN-ADDR.ARPA\" {
           type master;
           file \"empty\";
   };

   zone \"168.192.IN-ADDR.ARPA\" {
           type master;
           file \"empty\";
   };

   empty:
   @ 10800 IN SOA <name-of-server>. <contact-email>. (
                  1 3600 1200 604800 10800 )
   @ 10800 IN NS <name-of-server>.

   Note

   Future versions of named are likely to do this automatically. 
Permalink

Add an answer/solution

If you know the answer, please add your own solution below.
If you don't know, but find out later, please come back and share your answer - there will be other people struggling with this too.


Please enter 61948 here

If you want to be notified via email when this is solved, enter your email address here: