Maintained by: NLnet Labs

[Unbound-users] multicast address alerts in logs

W.C.A. Wijngaards
Mon Mar 7 20:49:34 CET 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Alexander, Michael,

On 03/07/2011 07:38 PM, Alexander Clouter wrote:
> Michael Watters <wattersmt at gmail.com> wrote:
>>
>> I still haven't been able to figure out what is causing these notices
>> in the system log.  Does unbound have a log level setting that could
>> filter the messages out?  Our DNS resolvers are working fine and I'd
>> rather not be spammed by pointless notices.
>>
> A google search pops up something interesting:
> 
> http://forums.fedoraforum.org/showpost.php?p=51979&postcount=5
> 
> Leave tcpdump running on a resolver and wait for the misconfigured 
> offender to appear.  Use one of the following:
> ----
> tcpdump -i bond0 -n -p port 53 -s 0 -w /tmp/dump.pcap
> tcpdump -i bond0 -n -p port 53 -s 0 -w - -U | tee /tmp/dump.pcap | tcpdump -r - -n
> ----
> 
> Good hunting :)

You can use do-not-query-address: 244.254.254.254 to make unbound avoid
this IP.  (by default 127.0.0.1 and 127.0.0.2 are in this list for example).

Best regards,
   Wouter

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEYEARECAAYFAk11Ns4ACgkQkDLqNwOhpPgLeQCgrB+lfJ1orIy+mHN4ZDXWvQp1
+1wAoI8jX1ZzGMPqyaLjbPlrRQgYJ5qr
=ygiQ
-----END PGP SIGNATURE-----