Facebook
TwitterHello,
We have some servers with Plesk onyx. Per server we have a dns, for example the DNS of server2.domain.com is ns2.domain.com
When we host a domain in server5.domain.com we use ns5.domain.com
The problem is, if we check the /var/log/syslog of all the servers we see a lot of traffic like this:
for example in server32.domain.org
Apr 10 09:40:34 dv32 named[537]: client 66.230.162.186#13878 (ns33.domain.org): query (cache) 'ns33.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#62731 (ns26.domain.org): query (cache) 'ns26.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#30547 (ns11.domain.org): query (cache) 'ns11.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#64723 (ns11.domain.org): query (cache) 'ns11.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#47027 (ns11.domain.org): query (cache) 'ns11.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#30622 (ns27.domain.org): query (cache) 'ns27.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 66.230.162.186#21766 (ns21.domain.org): query (cache) 'ns21.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#61888 (ns26.domain.org): query (cache) 'ns26.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#12155 (ns28.domain.org): query (cache) 'ns28.domain.org/AAAA/IN' denied
Apr 10 09:40:35 dv32 named[537]: client 137.74.213.134#17843 (ns7.domain.org): query (cache) 'ns7.domain.org/AAAA/IN' denied
Apr 10 09:40:38 dv32 named[537]: client 35.172.109.209#35613 (ns1.domain.org): query (cache) 'ns1.domain.org/A/IN' denied
Apr 10 09:40:39 dv32 named[537]: client 18.208.202.230#27160 (ns33.domain.org): query (cache) 'ns33.domain.org/A/IN' denied
Apr 10 09:40:39 dv32 named[537]: client 18.204.43.140#35948 (ns1.domain.org): query (cache) 'ns1.domain.org/AAAA/IN' denied
Apr 10 09:40:39 dv32 named[537]: client 18.208.202.230#56224 (ns16.domain.org): query (cache) 'ns16.domain.org/A/IN' denied
Apr 10 09:40:41 dv32 named[537]: client 203.173.58.7#26024 (ns1.domain.org): query (cache) 'ns1.domain.org/AAAA/IN' denied
Apr 10 09:40:42 dv32 named[537]: client 35.172.109.209#21898 (ns1.domain.org): query (cache) 'ns1.domain.org/AAAA/IN' denied
Apr 10 09:40:42 dv32 named[537]: client 18.214.36.145#47150 (ns1.domain.org): query (cache) 'ns1.domain.org/AAAA/IN' denied
So, is there any way to stop this DNS queries through all the servers?
We have some servers with Plesk onyx. Per server we have a dns, for example the DNS of server2.domain.com is ns2.domain.com
When we host a domain in server5.domain.com we use ns5.domain.com
The problem is, if we check the /var/log/syslog of all the servers we see a lot of traffic like this:
for example in server32.domain.org
Apr 10 09:40:34 dv32 named[537]: client 66.230.162.186#13878 (ns33.domain.org): query (cache) 'ns33.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#62731 (ns26.domain.org): query (cache) 'ns26.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#30547 (ns11.domain.org): query (cache) 'ns11.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#64723 (ns11.domain.org): query (cache) 'ns11.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#47027 (ns11.domain.org): query (cache) 'ns11.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#30622 (ns27.domain.org): query (cache) 'ns27.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 66.230.162.186#21766 (ns21.domain.org): query (cache) 'ns21.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#61888 (ns26.domain.org): query (cache) 'ns26.domain.org/AAAA/IN' denied
Apr 10 09:40:34 dv32 named[537]: client 137.74.213.134#12155 (ns28.domain.org): query (cache) 'ns28.domain.org/AAAA/IN' denied
Apr 10 09:40:35 dv32 named[537]: client 137.74.213.134#17843 (ns7.domain.org): query (cache) 'ns7.domain.org/AAAA/IN' denied
Apr 10 09:40:38 dv32 named[537]: client 35.172.109.209#35613 (ns1.domain.org): query (cache) 'ns1.domain.org/A/IN' denied
Apr 10 09:40:39 dv32 named[537]: client 18.208.202.230#27160 (ns33.domain.org): query (cache) 'ns33.domain.org/A/IN' denied
Apr 10 09:40:39 dv32 named[537]: client 18.204.43.140#35948 (ns1.domain.org): query (cache) 'ns1.domain.org/AAAA/IN' denied
Apr 10 09:40:39 dv32 named[537]: client 18.208.202.230#56224 (ns16.domain.org): query (cache) 'ns16.domain.org/A/IN' denied
Apr 10 09:40:41 dv32 named[537]: client 203.173.58.7#26024 (ns1.domain.org): query (cache) 'ns1.domain.org/AAAA/IN' denied
Apr 10 09:40:42 dv32 named[537]: client 35.172.109.209#21898 (ns1.domain.org): query (cache) 'ns1.domain.org/AAAA/IN' denied
Apr 10 09:40:42 dv32 named[537]: client 18.214.36.145#47150 (ns1.domain.org): query (cache) 'ns1.domain.org/AAAA/IN' denied
So, is there any way to stop this DNS queries through all the servers?
Last edited:
