I thought 192.168.0.0 was fair game for internal nets?
I have been using the 192.168.0.0 network space for some time now. Recently I discovered I was unable to get nslookups. I was digging around the other day with some of the bindutils and found some university was using that in a way that was visible out on the internet. I really do not understand how bind works, but I do know I have had strange behavior lately. It takes forever to contact my own systems. I have my dns configured to be the SOA for my domain, so I don't know why this would happen. The nslookup below shows you what I am getting. My DNS server is 192.168.0.4. The other bindutils find my server and return meaningful results that make sense in my domain.

Does anybody else run a name server for an internal network that remains connected to the internet 24x7? Do you understand what is going on here?

___________________________________________________________
bash-2.04# nslookup
*** Can't find server name for address 192.168.0.4: Non-existent host/domain
*** Default servers are not available
__________________________________________________
bash-2.04# nslookup -d
;; res_nmkquery(QUERY, 4.0.168.192.in-addr.arpa, IN, PTR)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 63969, rcode = NXDOMAIN
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 0, authority records = 1, additional = 0

    QUESTIONS:
        4.0.168.192.in-addr.arpa, type = PTR, class = IN
    AUTHORITY RECORDS:
    ->  168.192.in-addr.arpa
        ttl = 5073 (1h24m33s)
        origin = blackhole.isi.edu
        mail addr = bmanning.isi.edu
        serial = 19971802
        refresh = 10800 (3H)
        retry = 900 (15M)
        expire = 604800 (1W)
        minimum ttl = 86400 (1D)

------------
*** Can't find server name for address 192.168.0.4: Non-existent host/domain
*** Default servers are not available
bash-2.04#
Hi Steve,

from what you say, it sounds like a misconfigured Network "blowing" these addresses onto the internet. 192.168.0.x to 192.168.255.x are assigned for "private" networks. Same with 10.x.x.x and one 172.something network. These addresses / packets should stay inside. I use 192.168.42.x (forty.two) as private domain. No trouble yet.

Juergen
--
Juergen Braukmann juergen.braukmann@gmx.de
Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu
I believe that blackhole.isi.edu is one of the root nameservers. Did you configure your nameserver as a master for the 0.168.192.IN-ADDR.ARPA zone?

Victor Cardona
On Wednesday 14 February 2001 00:02, Victor R. Cardona wrote:
I believe that blackhole.isi.edu is one of the root nameservers. Did you configure your nameserver as a master for the 0.168.192.IN-ADDR.ARPA zone?
Victor Cardona
Victor,

As a matter of fact I do have it set to master, but thanks for asking. I took a closer look at the rpmsave that the most recent upgrade of bind created. It looks as though there may be some subtle differences I didn't notice the first time I glanced at it. I believe the problem is that the old configuration file does not work correctly with the newer version of bind. I'll play with it when I get a chance. Since most everything worked ok after the upgrade, I never put 2 and 2 together.

Steve
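Added example, not part of any poster's message: in the nslookup -d output above, the PTR query for 192.168.0.4 was answered from outside with NXDOMAIN, which is what happens when the local name server is not actually serving a covering reverse zone. The Python below classifies reverse-lookup names as answered locally or leaking upstream; the function names and the zone lists passed in are assumptions made for the illustration.

```python
import ipaddress

# RFC 1918 private ranges: 10/8, 172.16/12 and 192.168/16.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def ptr_name_to_ip(qname):
    """'4.0.168.192.in-addr.arpa' -> IPv4Address('192.168.0.4'); None if not a full PTR name."""
    name = qname.rstrip(".").lower()
    suffix = ".in-addr.arpa"
    if not name.endswith(suffix):
        return None
    labels = name[:-len(suffix)].split(".")
    if len(labels) != 4:
        return None
    try:
        return ipaddress.IPv4Address(".".join(reversed(labels)))
    except ipaddress.AddressValueError:
        return None

def covering_zone(qname, local_zones):
    """Longest zone in local_zones that qname falls under, or None."""
    name = qname.rstrip(".").lower()
    best = None
    for zone in local_zones:
        z = zone.rstrip(".").lower()
        if (name == z or name.endswith("." + z)) and (best is None or len(z) > len(best)):
            best = z
    return best

def classify(qname, local_zones):
    """Say whether a reverse lookup stays on the local server or goes to the internet."""
    ip = ptr_name_to_ip(qname)
    if ip is None or not any(ip in net for net in RFC1918):
        return "public-or-not-ptr"
    return "answered-locally" if covering_zone(qname, local_zones) else "leaks-upstream"

if __name__ == "__main__":
    # Constructed zone lists: a server with no working reverse zone, then one
    # that is master for 0.168.192.in-addr.arpa as asked about in the thread.
    for zones in ([], ["0.168.192.in-addr.arpa"]):
        print(zones, "->", classify("4.0.168.192.in-addr.arpa", zones))
```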
participants (3)
- juergen.braukmann@ruhr-west.de
- Steven T. Hatton
- Victor R. Cardona