named query cache denied
LINUX
작성자
nstor
작성일
2018-10-12 01:46
조회
5061
named query cache denied
기존서비스를 하던 도메인이 더이상 서비스를 하지 않는데..
도메인 등록기관에서 네임서버 변경을 안해서 네임서버에 zone 파일 자체가 없는데 아래와 같은 denied 로그가
쌓입니다.
[root@ns1 ~]# tail -f /var/log/messages
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.12#44496: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.55#33843: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.53#49048: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.18#60286: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.51#42116: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.16#13800: query (cache) 'xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.52#38423: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:45 ns1 named-sdb[39482]: client 106.241.133.19#4781: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:45 ns1 named-sdb[39482]: client 106.241.133.111#29213: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:45 ns1 named-sdb[39482]: client 208.91.112.52#63617: query (cache) 'xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.13#21128: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.24#52914: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.55#38376: query (cache) 'xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.21#11279: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.58#55711: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 208.91.112.53#45648: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.16#63674: query (cache) 'xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.11#6421: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 164.124.101.55#21374: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 164.124.101.124#20556: query (cache) 'xxxxxx.com/A/IN' denied
위에 로그와 같이 서비스 하지 않는 도메인의 denied 로그가 쌓일때
1. /etc/named.conf 파일에 category security null 옵션을 추가하면 해결됩니다.
logging {
category security { null; }; <-- 추가
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
기존서비스를 하던 도메인이 더이상 서비스를 하지 않는데..
도메인 등록기관에서 네임서버 변경을 안해서 네임서버에 zone 파일 자체가 없는데 아래와 같은 denied 로그가
쌓입니다.
[root@ns1 ~]# tail -f /var/log/messages
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.12#44496: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.55#33843: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.53#49048: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.18#60286: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.51#42116: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.16#13800: query (cache) 'xxxxxx.com/A/IN' denied
Oct 12 11:05:44 ns1 named-sdb[39482]: client 106.241.133.52#38423: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:45 ns1 named-sdb[39482]: client 106.241.133.19#4781: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:45 ns1 named-sdb[39482]: client 106.241.133.111#29213: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:45 ns1 named-sdb[39482]: client 208.91.112.52#63617: query (cache) 'xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.13#21128: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.24#52914: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.55#38376: query (cache) 'xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.21#11279: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.58#55711: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 208.91.112.53#45648: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.16#63674: query (cache) 'xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 106.241.133.11#6421: query (cache) 'm.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 164.124.101.55#21374: query (cache) 'www.xxxxxx.com/A/IN' denied
Oct 12 11:05:49 ns1 named-sdb[39482]: client 164.124.101.124#20556: query (cache) 'xxxxxx.com/A/IN' denied
위에 로그와 같이 서비스 하지 않는 도메인의 denied 로그가 쌓일때
1. /etc/named.conf 파일에 category security null 옵션을 추가하면 해결됩니다.
logging {
category security { null; }; <-- 추가
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
