0

Not trapping RFC1918 rDNS queries

Hello,

I am not a nextdns user or customer - however I run an AS112 instance:

https://www.as112.net

I see the top queries I am getting are seemingly from dns.nextdns.io (rDNS). On one hand - as112 and my instance is doing it's job. On the other hand, I would have thought nextdns would have config in place to blackhole these queries before they even leave your platform. There could also be a valid reason you don't do this - in which case I'm curious to know what it is.

If you do consider catching these before they leave your servers - I would recommend using the as112 zones (RFC1918 + a few other "internal only" zones.)

root@as112:/home/vom# ./bind-query-log-report.py
Reading /var/cache/bind/as112.queries.log...

--- Top Client IPs ---
Count      IP Address                                    Reverse DNS
--------------------------------------------------------------------------------
590283     45.76.21.53                                   dns.nextdns.io
170401     2001:19f0:5c00:1819:ae1f:6bff:fef5:ff3a       dns.nextdns.io

Reply

null
Login to reply

Content aside

  • 5 hrs agoLast active
  • 7Views
  • 1 Following