
Network Unreachable Error

Posted: 2014/10/23 12:21:22
by saeed
Hi

Today I noticed that I have some lines in my log files in /var/log/messages as follows:

Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving './DNSKEY/IN': 2001:503:ba3e::2:30#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving './NS/IN': 2001:503:ba3e::2:30#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:48::1#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:4f8:0:2::19#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:2f::f#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:2f::f#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:1::803f:235#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:1::803f:235#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:503:c27::2:30#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:503:c27::2:30#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:1a::1#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:4f8:0:2::20#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:60::29#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns1.isc.ultradns.net/A/IN': 2001:7fd::1#53
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns1.isc.ultradns.net/AAAA/IN': 2001:7fd::1#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'ns2.isc.ultradns.net/A/IN': 2610:a1:1014::e8#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.org/A/IN': 2001:500:e::1#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.org/AAAA/IN': 2001:500:e::1#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.org/A/IN': 2001:500:40::1#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.org/AAAA/IN': 2001:500:40::1#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.org/AAAA/IN': 2001:502:4612::e8#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.info/AAAA/IN': 2610:a1:1016::e8#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.info/A/IN': 2610:a1:1016::e8#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.co.uk/AAAA/IN': 2610:a1:1017::e8#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.biz/A/IN': 2610:a1:1015::e8#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.com/AAAA/IN': 2001:502:f3ff::e8#53
Oct 23 11:39:04 server named[1585]: client 93.113.174.225#46368: query (cache) 'adobe.com/A/IN' denied
Oct 23 11:39:04 server named[1585]: client 93.113.174.225#23736: query (cache) 'adobe.com/A/IN' denied
Oct 23 11:39:04 server lfd[1196]: SYSLOG check [Lga6AZUNsgZGaVQX]
I take it that my server tries to resolve such addresses as pdns196.ultradns.org, etc. Now my question is why my server tries to reach the above IPv6 addresses, especially adobe.com? It is strange since I do not have any services related to the above. Do I have to be worried if my server is compromised? What's more, yesterday there was a heavy load on my server, in such a way that the DirectAdmin panel had 65 or so alerts about excessive use of system resources. And so far I have not been able to pinpoint the culprit.

Please help!
Saeed

Re: Network Unreachable Error

Posted: 2014/10/23 12:55:15
by TrevorH
Looks to me like you have 2 separate issues: first your server is complaining a lot about being unable to contact things over ipv6 so do you have ipv6 enabled and do you have a valid ipv6 address on an interface that can reach those addresses?

The second and slightly more worrying issue is: is 93.113.174.225 an IP address that belongs to you? If it is not then your DNS server appears to be exposed to the internet and probably shouldn't be unless you are using it as an authoritative server for a DNS zone that belongs to you.
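The two issues in this reply can be separated mechanically; the following is an added example, not part of the original post. It splits named messages in the format posted above into the server's own failed IPv6 lookups and cache queries arriving from clients outside your networks. OWN_NETS, the function name and the 192.0.2.10 log line are assumptions made for illustration.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Assumption: the networks you operate. 192.0.2.0/24 is a documentation range.
OWN_NETS = ["127.0.0.0/8", "192.0.2.0/24"]

# Lines in the format posted above; the 192.0.2.10 line is constructed.
SAMPLE_LOG = """\
Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving './DNSKEY/IN': 2001:503:ba3e::2:30#53
Oct 23 11:39:04 server named[1585]: error (network unreachable) resolving 'pdns196.ultradns.org/A/IN': 2001:500:e::1#53
Oct 23 11:39:04 server named[1585]: client 93.113.174.225#46368: query (cache) 'adobe.com/A/IN' denied
Oct 23 11:39:04 server named[1585]: client 93.113.174.225#23736: query (cache) 'adobe.com/A/IN' denied
Oct 23 11:39:05 server named[1585]: client 192.0.2.10#40000: query (cache) 'example.com/A/IN' denied
Oct 23 11:39:04 server lfd[1196]: SYSLOG check [Lga6AZUNsgZGaVQX]
"""

# Patterns match the named message format shown in the post.
UNREACHABLE = re.compile(
    r"named\[\d+\]: error \(network unreachable\) resolving '([^']+)': ([0-9A-Fa-f:.]+)#\d+")
DENIED = re.compile(
    r"named\[\d+\]: client ([0-9A-Fa-f:.]+)#\d+: query \(cache\) '([^']+)' denied")


def triage(log_text, own_nets=OWN_NETS):
    """Split named messages into outbound IPv6 failures and refused inbound queries."""
    nets = [ip_network(n) for n in own_nets]
    v6_unreachable = 0
    external, internal = Counter(), Counter()
    for line in log_text.splitlines():
        m = UNREACHABLE.search(line)
        if m:
            # named itself tried to reach an upstream server; count IPv6 targets.
            if ip_address(m.group(2)).version == 6:
                v6_unreachable += 1
            continue
        m = DENIED.search(line)
        if m:
            # A client sent a query and named refused it; who was the client?
            client = ip_address(m.group(1))
            mine = any(client.version == n.version and client in n for n in nets)
            (internal if mine else external)[(str(client), m.group(2))] += 1
    return {"v6_unreachable": v6_unreachable, "external_denied": external,
            "internal_denied": internal}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("failed IPv6 lookups:", report["v6_unreachable"])
    for (client, name), n in report["external_denied"].most_common():
        print(f"outside client {client} asked for {name} {n}x (refused)")
```

Any entry under external_denied means port 53 accepted a query from an address outside OWN_NETS, which is the exposure this reply asks about.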

Re: Network Unreachable Error

Posted: 2014/10/23 14:35:37
by saeed
TrevorH wrote: Looks to me like you have 2 separate issues: first your server is complaining a lot about being unable to contact things over ipv6 so do you have ipv6 enabled and do you have a valid ipv6 address on an interface that can reach those addresses?

The second and slightly more worrying issue is: is 93.113.174.225 an IP address that belongs to you? If it is not then your DNS server appears to be exposed to the internet and probably shouldn't be unless you are using it as an authoritative server for a DNS zone that belongs to you.

Hi. Thanks for responding. As for the first issue, as you have put it, yes I have disabled ipv6 through the following tutorial:

http://wiki.centos.org/FAQ/CentOS6#head ... 10d41781df

And for the second part, no, the IP does not belong to me. But could you explain what you meant by "authoritative server for a DNS zone that belongs to you"? I own a VPS configured by DirectAdmin, so everything including the DNS zone, etc. was set up upon installing the panel.

Regards
Saeed

Re: Network Unreachable Error

Posted: 2016/05/10 02:37:18
by rjlohman_opt
Just a note about this...

I tried adding OPTIONS="-4" to /etc/sysconfig/named, commenting out the 'listen-on-v6' line in /etc/named.conf, and changing that line from
listen-on-v6 port 53 { ::1; };
to
listen-on-v6 port 53 { none; };

But nothing seemed to help. It turns out, 'service named reload' wasn't re-reading all configuration files. I had to do a full restart of named to get it to reread all of the configs. Minor point, but threw me for a loop. FWIW

RJL

Re: Network Unreachable Error

Posted: 2016/05/10 07:35:16
by forumitu
The "OPTIONS=-4" line in /etc/sysconfig/named is actually an argument to the named process. Reloading named is just a notification to the currently running named daemon process to read its configuration again, and so it does not change its arguments. Because of that, a service restart is required after changing the OPTIONS in /etc/sysconfig/named.
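
The reload-versus-restart point above can be checked by comparing OPTIONS on disk with the arguments the running process was started with. This is an added example, not code from the thread; the function names and the sample file and command-line contents are constructed for illustration.

```python
import shlex

# Constructed samples: file contents and /proc/<pid>/cmdline bytes (NUL-separated).
SYSCONFIG = '# /etc/sysconfig/named (constructed)\nOPTIONS="-4"\n'
CMDLINE_AFTER_RELOAD = b"/usr/sbin/named\0-u\0named\0"
CMDLINE_AFTER_RESTART = b"/usr/sbin/named\0-u\0named\0-4\0"


def sysconfig_options(text):
    """Return the last OPTIONS= value in the file as an argv-style list."""
    opts = []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("#") or not line.startswith("OPTIONS="):
            continue
        # First pass removes the shell quoting, second splits the option string.
        value = shlex.split(line[len("OPTIONS="):], comments=True)
        opts = shlex.split(value[0]) if value else []
    return opts


def running_args(cmdline):
    """Split the NUL-separated bytes of /proc/<pid>/cmdline into arguments."""
    return [a.decode() for a in cmdline.split(b"\0") if a]


def restart_needed(sysconfig_text, cmdline):
    """Flags set in OPTIONS that the running named was not started with."""
    running = running_args(cmdline)[1:]  # drop the program path
    return [o for o in sysconfig_options(sysconfig_text)
            if o.startswith("-") and o not in running]


if __name__ == "__main__":
    # After 'service named reload' the process still has its old arguments.
    print("after reload :", restart_needed(SYSCONFIG, CMDLINE_AFTER_RELOAD))
    # After a full restart the new flag is part of the command line.
    print("after restart:", restart_needed(SYSCONFIG, CMDLINE_AFTER_RESTART))
```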