Re: is your host or dhcp server sending dns dynamic updates for rfc1918?
according to http://root-servers.org/, dns transactions concerning rfc1918 address space are now being served by an anycast device near you ...
And right you are. However, pray tell, why doesn't bind feature a simple way to not log these spurious updates? As far as I can tell lots of people want to just ignore these messages but can only do so by turning off all security logging.
that question belongs on bind-users@isc.org, i suspect. but i'll answer: if you redirect the "update" and "security" categories to channel "null" then it works like you want. if there was demand, ISC would make a specific category called "failed-updates" so that other security related events wouldn't have to be nulled at the same time.
Please note that PowerDNS is just as silly in this respect up to 1.99.9. The next version features --log-failed-updates which defaults to off.
not all failed updates are spurious. i recommend against this as a default.
participants (1)
-
Paul Vixie