[dns-operations] context-enroll.ccs.mcafee.com

Router Log logrouterlog at gmail.com
Thu Feb 16 07:57:37 UTC 2017 

Hi Robert,

Yes there are a couple of CQ there at the start. but the queries 
continued without further CQ's until the next day when  put the record a 
rpz zone?

As if there were some sort of loop condition.

Kind Regards Peter Davies

13-Feb-2017 16:38:40.198 RR 192.168.1.18:49818 <- 161.69.29.63:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:39.635 RQ 192.168.1.18:35848 -> 161.69.29.63:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:40.199 RQ 192.168.1.18:50860 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:39.917 RR 192.168.1.18:38122 <- 161.69.45.53:53 UDP 
164b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:40.321 RR 192.168.1.18:50860 <- 161.69.45.53:53 UDP 
164b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:39.917 RQ 192.168.1.18:48858 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:40.322 RQ 192.168.1.18:37843 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:40.445 RR 192.168.1.18:37843 <- 161.69.45.53:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:40.726 RQ 192.168.1.18:59094 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:40.445 RQ 192.168.1.18:40221 -> 161.69.29.63:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:40.846 RR 192.168.1.18:59094 <- 161.69.45.53:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:40.604 RR 192.168.1.18:40221 <- 161.69.29.63:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:40.847 RQ 192.168.1.18:53335 -> 161.69.29.63:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:40.605 RQ 192.168.1.18:41057 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:41.126 RR 192.168.1.18:33463 <- 161.69.45.53:53 UDP 
164b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:40.725 RR 192.168.1.18:41057 <- 161.69.45.53:53 UDP 
164b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:41.005 RR 192.168.1.18:53335 <- 161.69.29.63:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:41.006 RQ 192.168.1.18:33463 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:41.127 RQ 192.168.1.18:42448 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:41.247 RR 192.168.1.18:42448 <- 161.69.45.53:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:41.247 RQ 192.168.1.18:39571 -> 161.69.29.63:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:41.407 RR 192.168.1.18:39571 <- 161.69.29.63:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:41.408 RQ 192.168.1.18:58760 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:41.528 RR 192.168.1.18:58760 <- 161.69.45.53:53 UDP 
164b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:41.529 RQ 192.168.1.18:56408 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:41.650 RR 192.168.1.18:56408 <- 161.69.45.53:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:41.650 RQ 192.168.1.18:56314 -> 161.69.29.63:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:42.055 RR 192.168.1.18:53533 <- 161.69.45.53:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:42.055 RQ 192.168.1.18:41913 -> 161.69.29.63:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:42.214 RR 192.168.1.18:41913 <- 161.69.29.63:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:42.215 RQ 192.168.1.18:36954 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:41.810 RR 192.168.1.18:56314 <- 161.69.29.63:53 UDP 
109b context-enroll.ccs.mcafee.com/IN/NS
13-Feb-2017 16:38:41.811 RQ 192.168.1.18:42970 -> 161.69.45.53:53 UDP 
74b context-enroll.ccs.mcafee.com/IN/A
13-Feb-2017 16:38:41.933 RR 192.168.1.18:42970 <- 161.69.45.53:53 UDP 
164b context-enroll.ccs.mcafee.com/IN/A



On 15/02/2017 18:34, Robert Edmonds wrote:
> Router Log wrote:
>> I was concerned about the quantity of messages and that they were apparently
>> not caused by any external query.
> In your dnstap output there are two "CQ" (Client Query) messages. Those
> appear to be the external queries that triggered your BIND server to
> look up the name.
>

More information about the dns-operations mailing list