[dns-operations] DDNS updates for to ns3.apnic.net

Chuck Anderson cra at WPI.EDU
Thu Apr 24 21:55:35 UTC 2014

On Thu, Apr 24, 2014 at 02:55:56PM -0400, Matthew Pounsett wrote:
> On Apr 24, 2014, at 10:28 , Chuck Anderson <cra at WPI.EDU> wrote:
> > Has anyone seen bunches of machines on their network attempting to do
> > DDNS updates to ns3.apnic.net for addresses in the 6to4 2002::/16
> > block zone?  Should I be concerned?
> ns3.apnic.net is the reverse DNS PTR for the actual MNAME of the zone.
> % dig +short IN SOA
> ns-apnic.6to4.nro.net. dns-admin.apnic.net. 2004083706 7200 1800 604800 172800
> % dig +short IN A ns-apnic.6to4.nro.net.
> % dig +short IN PTR
> ns3.apnic.net.
> Do you have a 6to4 gateway in operation? If there are misconfigured DHCP clients in your network, and you’re using addresses somewhere in 2002::/16 then it’s reasonable that you’d be seeing that traffic.

I do not have any 6to4 gateways.  In fact I block all 6to4 traffic at
my border.  There are probably a whole bunch of Windows boxes
defaulting to auto-configured 6to4 tunnels.

Do you know of a way via DHCP to tell the clients to not use 6to4?

