Hello, in my syslog i can see new error message following: Code: Apr 7 16:29:32 vm28069 named[15824]: client @0x7fe8b40c7380 90.207.22.122#53 (sl): query (cache) 'sl/ANY/IN' denied Apr 7 16:29:58 vm28069 named[15824]: client @0x7fe8b40c7380 80.2.150.110#53 (sl): query (cache) 'sl/ANY/IN' denied Code: Apr 7 16:29:32 vm28069 named[15824]: client @0x7fe8b40c7380 90.207.22.122#53 (sl): query (cache) 'sl/ANY/IN' denied Apr 7 16:29:58 vm28069 named[15824]: client @0x7fe8b40c7380 80.2.150.110#53 (sl): query (cache) 'sl/ANY/IN' denied Any idea why? I can not see any problems and i didnt do any changes. Yesterday i just update isp config to latest version, but i dont think so that this is becahse new update. Thanks
Is there some difference between the two code snippets you posted? The messages mean client @0x7fe8b40c7380 queried your name server and your name server refused to answer. Whether this is a problem or not depends what client that is and if you want to offer name service to it. I can not offer any guesses with the information provided. Use Internet Search Engines with the message to find more info.
Thank you. That was fine, but in last days i still log errors in daemon like Code: Jul 30 10:21:08 xy named[29768]: client @0x7f03380c7300 69.144.156.204#80 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied Jul 30 10:21:12 xy named[29768]: client @0x7f03380c7300 100.35.87.125#3658 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied Jul 30 10:21:12 xy named[29768]: client @0x7f03380c7300 69.144.156.204#80 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied Jul 30 10:21:14 xnamed[29768]: client @0x7f03380c7300 82.47.22.195#80 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied Jul 30 10:21:15 xy named[29768]: client @0x7f03380c7300 100.35.87.125#3658 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied Jul 30 10:21:16 xy named[29768]: client @0x7f03380c7300 82.47.22.195#80 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied What i found is that someony tried to queried nameservers, but not something more. Is here any way to solve it? Maybe i should try to block this domain in fw?
My guess is some host is trying to use your name server, and name server denies. This is not that bad. You could ignore it, it is just some unnecessary load for your name server. Other option is to add block rule to fail2ban, that stops those queries.