Hurricane Electric's IPv6 Tunnel Broker Forums
Topic: What is at 2001:470:47:13::2 and why is it attempting to AXFR my zone?
snarked
« on: May 06, 2012, 01:45:40 pm »

From my syslog:
Quote
May  5 00:48:55 snarked named[903]: client 2001:470:47:13::2#14313 (x.x.x.x.x.x.x.x.0.7.4.0.1.0.0.2.ip6.arpa): zone transfer 'x.x.x.x.x.x.x.x.0.7.4.0.1.0.0.2.ip6.arpa/AXFR/IN' denied
I'm getting this about every 30 seconds (with varying source port numbers; actual zone masked for public posting, but it's my tunnel #2 allocation).

HE's whois service shows that this is an HE internal address, not a tunnel delegation.

AXFR access is permitted to ns1.he.net (216.218.130.2 and 2001:470:100::2) so that the DNS service can pick it up for "secondary" service.

From the DNS service page about the zone:
Quote
Domain name  x.x.x.x.x.x.x.x.0.7.4.0.1.0.0.2.ip6.arpa
Type SLAVE
Master(s) 2001:470:...  (In my tunnel#1 allocation as that's where my DNS server is)
Last successful check  2012-05-04 12:47:07 (176038 seconds ago.)
Last status change  2012-05-04 12:47:46

As 2001:470:47:13::2 is not the address of one of your 5 name servers, what is its purpose for wanting the zone?

PS:  The zone in question is not (yet) DNSSEC signed.  It will be signed when next updated.

broquea
Senior Network Engineer, SEVEN Networks (AS19733)
« Reply #1 on: May 06, 2012, 02:02:34 pm »

Looks like a facility-specific machine:

2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.1.0.0.7.4.0.0.0.7.4.0.1.0.0.2.ip6.arpa domain name pointer ns1-fmt2.he.net.

snarked
« Reply #2 on: May 06, 2012, 04:40:23 pm »

OK, but as I'm a tunnelbroker user and not in one of your facilities, why does it want to AXFR my zone?  It's not one of ns[1-5].he.net nor is it documented to grant it access anywhere....

broquea
Senior Network Engineer, SEVEN Networks (AS19733)
« Reply #3 on: May 06, 2012, 05:08:53 pm »

Ask dnsadmin@he.net ?

I'd guess that this is one of the many ns1.he.net machines or whatever trickery was used to deflect the onslaught of hate against the nameservers.

snarked
« Reply #4 on: May 06, 2012, 06:59:09 pm »

OK, but that doesn't seem to justify allowing AXFR permission to that IPv6 address....

broquea
Senior Network Engineer, SEVEN Networks (AS19733)
« Reply #5 on: May 06, 2012, 07:51:55 pm »

Quote

snarked
« Reply #6 on: May 06, 2012, 09:47:06 pm »

Mail sent.

snarked
« Reply #7 on: May 06, 2012, 11:17:20 pm »

Matter resolved via e-mail.  It was a misconfiguration and should have been from 2001:470:100::2.
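
One way to triage the "zone transfer ... denied" lines discussed in this thread, as an added example that is not part of any post: it counts denied AXFR/IXFR attempts per source and checks each source against the permitted ns1.he.net addresses named in the first post. The function names, the sample log and the placeholder zone name are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Transfer sources the first post says are permitted (ns1.he.net).
ALLOWED = {ipaddress.ip_address(a) for a in ("216.218.130.2", "2001:470:100::2")}

# BIND "zone transfer ... denied" line; newer BIND adds "@0x..." after "client".
DENIED = re.compile(
    r"named\[\d+\]: client (?:@0x[0-9a-f]+ )?(?P<addr>[0-9A-Fa-f:.]+)#\d+ "
    r"\((?P<zone>[^)]+)\): zone transfer '[^']+/(?:AXFR|IXFR)/IN' denied"
)

def denied_transfers(lines):
    """Count denied transfer attempts per (source address, zone)."""
    counts = Counter()
    for line in lines:
        m = DENIED.search(line)
        if not m:
            continue
        try:
            src = ipaddress.ip_address(m.group("addr"))
        except ValueError:
            continue  # malformed address field, skip the line
        counts[(src, m.group("zone"))] += 1
    return counts

def report(lines):
    """Return (source, zone, attempts, in_allow_list) rows, busiest first."""
    return [(str(src), zone, n, src in ALLOWED)
            for (src, zone), n in denied_transfers(lines).most_common()]

# Constructed sample log; the zone name is a placeholder for the masked one.
SAMPLE = """\
May  5 00:48:55 host named[903]: client 2001:470:47:13::2#14313 (example.ip6.arpa): zone transfer 'example.ip6.arpa/AXFR/IN' denied
May  5 00:49:25 host named[903]: client 2001:470:47:13::2#22871 (example.ip6.arpa): zone transfer 'example.ip6.arpa/AXFR/IN' denied
May  5 00:49:40 host named[903]: client 2001:470:100::2#5301 (example.ip6.arpa): zone transfer 'example.ip6.arpa/AXFR/IN' denied
May  5 00:50:01 host named[903]: client 192.0.2.77#40000 (example.com): query (cache) 'example.com/A/IN' denied
""".splitlines()

if __name__ == "__main__":
    for src, zone, n, allowed in report(SAMPLE):
        note = "in allow list: check ACL" if allowed else "NOT in allow list"
        print(f"{src:<20} {zone:<18} {n:>3} denied  {note}")
```

A source that is outside the allow list and retries on a fixed interval, as in the thread, is worth raising with the secondary's operator before any ACL is widened.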