Dns-operations mailing list

[Brian Koontz <brian AT opennicproject.org>]

On Sat, Feb 09, 2013 at 12:09:20PM -0500, Steve Snyder wrote:
> 
> On 02/09/2013 11:18 AM, Brian Koontz wrote:
> >On Sat, Feb 09, 2013 at 08:56:52AM -0500, Steve Snyder wrote:
> >>There are a handful of non-Master DNS servers that constantly try to
> >>notify my server.  Should I act on this (block via iptables, etc.)
> >>or just accept that there will always be misconfigured servers
> >>somewhere and ignore them?
> >...
> >>    2079 2001:470:1f10:c6::20
> >...
> >
> >This is interesting, because this one is mine, and each zone I serve
> >explictly specifies "notify no."  Which zones exactly are you
> >receiving notifies for?
> >
> >   --Brian
> >
> 
> 09-Feb-2013 16:42:06.865 notify: client 2001:470:1f10:c6::20#15520:
> received notify for zone 'dns.opennic.glue'
> 09-Feb-2013 16:42:06.865 general: zone dns.opennic.glue/IN: refused
> notify from non-master: 2001:470:1f10:c6::20#15520

Relevant snip from named.conf:

    zone "dns.opennic.glue" IN {
        type slave;
        file "opennic/slave/dns.opennic.glue.zone";
        masters { 75.127.96.89; };
        allow-transfer { any; };
        notify no;
    };

Don't know what to say...the do-not-notify instruction is right there.

  --Brian

-- 
OpenNIC (the sequel) co-founder and wikimaster
IRC: Freenode.net channel #opennic