[dns-operations] DDNS updates for 2.0.0.2.ip6.arpa to ns3.apnic.net
Chuck Anderson
cra at WPI.EDU
Thu Apr 24 21:55:35 UTC 2014
On Thu, Apr 24, 2014 at 02:55:56PM -0400, Matthew Pounsett wrote:
>
> On Apr 24, 2014, at 10:28 , Chuck Anderson <cra at WPI.EDU> wrote:
>
> > Has anyone seen bunches of machines on their network attempting to do
> > DDNS updates to ns3.apnic.net for addresses in the 6to4 2002::/16
> > block 2.0.0.2.ip6.arpa zone? Should I be concerned?
>
> ns3.apnic.net is the reverse DNS PTR for the actual MNAME of the 2.0.0.2.ip6.arpa zone.
>
> % dig +short IN SOA 2.0.0.2.ip6.arpa.
> ns-apnic.6to4.nro.net. dns-admin.apnic.net. 2004083706 7200 1800 604800 172800
> % dig +short IN A ns-apnic.6to4.nro.net.
> 202.12.28.131
> % dig +short IN PTR 131.28.12.202.in-addr.arpa.
> ns3.apnic.net.
>
> Do you have a 6to4 gateway in operation? If there are misconfigured dhcp clients in your network, and you’re using addresses somewhere in 2002::/16 then it’s reasonable that you’d be seeing that traffic.
I do not have any 6to4 gateways. In fact I block all 6to4 traffic at
my border. There are probably a whole bunch of Windows boxes
defaulting to auto-configured 6to4 tunnels.
Do you know of a way via DHCP to tell the clients to not use 6to4?
Thanks.
More information about the dns-operations
mailing list