RFC 1918 response from Internet

dear boy’s and girls,

i have this EM in /var/log/messages:

Oct 19 10:37:38 hoofdkwartier named[319]: client 192.168.66.201#37490: RFC 1918 response from Internet for 107.20.10.10.in-addr.arpa

I tried al lot of things trying to get rid of this, including blocking the host with
denyhosts, removing it from dhcp.leases and adding entry’s in /etc/named.conf,
following instructions I found on http://readthe****ingmanual.net/error/1203/

Who can help me investigate this further? Other info I found on the internet
are too complicated for me.

We are running an OpenSuse 11.1 server, clients are both Linux and Windows
machines.

greetings, J.

10.10.20.107 is in a private range and you should not be sending such queries to the Internet. You should set up your named to answer for a reverse lookup of addresses in the RFC1918 zones (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16).

The answer is here

http://www.bind9.net/BIND-FAQ

look for the question “What does “RFC 1918 response from Internet for 0.0.0.10.IN-ADDR.ARPA” mean?”

It could be that the version of bind9 you have already supports setup of automatic RFC1918 zones, depends on the version, I can’t say.

hello,

many thanks for the reply!

I have found that info in the spcecified url.

Just an additional question - probably not a very smart one :

do I have to make the entry’s specified here in /etc/named.conf and only in named.conf?

again, many thanks.

grt, J.

You still need a zone file called “empty” in /var/lib/named/master if you follow the advice in that FAQ.

hey,

i 've created the zone “empty” via Yast and added the entry’s.

I’m looking at /var/log/messages for a couple of minutes now, haven’t seen the EM
so far.

Looks like you fixed it, Ken.

I am very relieved! Many many thanks.

J.