HPE Community
Operating System - HP-UX
1833007 Members
2487 Online
110048 Solutions
New Discussion

Re: Wierd messages from named in syslog

 
Mark Landin
Valued Contributor

‎02-25-2004 06:46 AM

‎02-25-2004 06:46 AM

Wierd messages from named in syslog

I am seeing the following messages in my syslog file on my HP-UX A500 running 11.11 and DNS:


Feb 25 13:38:02 dilbert named[789]: host name "_scr_DEFAULT.tmp.tdwilliamson.com
" IN (response from [192.1.11.15]) is invalid - rejecting

Feb 25 13:38:37 dilbert named[789]: host name "_scr_DEFAULT" IN (response from [
192.1.11.15]) is invalid - rejecting

Host 192.1.11.15 is a Windows 2000 DNS server that is authoritative for some zones in our organization.

Do these indicate anything serious? Is there a way to ignore them (whether through syslog.conf or named.conf)?
0 Kudos
Reply
8 REPLIES 8
Jeroen Peereboom
Honored Contributor

‎02-25-2004 06:49 AM

‎02-25-2004 06:49 AM

Re: Wierd messages from named in syslog

Sounds like your W2k DNS is giving hostnames that your Unix DNS rejects. If I remember correctly, underscores are forbidden, but there are options in the named config file.

Do you think these are acceptable names '_scr_DEFAULT'? Maybe you can check on the w2k server which IP address and server / PC it is, or connect to it to check...


JP
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎02-25-2004 06:55 AM

‎02-25-2004 06:55 AM

Re: Wierd messages from named in syslog


What version of BIND are you running? 9.2 is the latest for HPux.

Are you allowing 192.1.11.15 to update your master DNS? I wouldn't, because M$ doesn't play correctly with the standards.

live free or die
harry
Live Free or Die
0 Kudos
Reply
Florian Heigl (new acc)
Honored Contributor

‎02-25-2004 09:11 PM

‎02-25-2004 09:11 PM

Re: Wierd messages from named in syslog

The microsoft DNS is trying to register some AD entries with all DNS set in his IP settings.
Either remove the UNIX DNS from the Win2k box's connection settings, or (better) create delegations for a subdomain to the windows server / clients and put them in there. away. to safety.

:)
yesterday I stood at the edge. Today I'm one step ahead.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎02-25-2004 11:30 PM

‎02-25-2004 11:30 PM

Re: Wierd messages from named in syslog

I recallseeing this on my DNS 4.9.x server when there were database problems. The database on HP-UX was not up to date with the W2K DNS server.

I recommend the 9.2.0 upgrade and security patches and keeping those databases in synch.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Mark Landin
Valued Contributor

‎02-26-2004 01:22 AM

‎02-26-2004 01:22 AM

Re: Wierd messages from named in syslog

Thanks for all the replies. Let me address them:

The Windows 2000 system IS our master DNS. Somewhat of a political decision, but out of my hands. My UX server is authoritative for one of the subdomains, however.

Underscores are definitely not legal DNS characters per standard. Naturally, MS ignores that, and naturally, our Windows people insist on using them.

I guess my question is why is the Windows DNS server trying to push those entries down to my UNIX DNS servers, when my UNIX servers are not authoritative for the zones those records belong in? I suppose that is a Windows DNS question, huh. :)
0 Kudos
Reply
Thomas Bianco
Honored Contributor

‎02-26-2004 01:25 AM

‎02-26-2004 01:25 AM

Re: Wierd messages from named in syslog

You probably have an Active directory on the windows side. Billy G's DNS service supports underscores because active directory requires it.

You'll have to get your NT guru to remove the active directory DNS entries from the list of zones you're secondary to.

Also, might want to have him check the "bind secondary" option in his DNS config.
There have been Innumerable people who have helped me. Of course, I've managed to piss most of them off.
0 Kudos
Reply
Jeroen Peereboom
Honored Contributor

‎02-26-2004 02:02 AM

‎02-26-2004 02:02 AM

Re: Wierd messages from named in syslog

Mark,

I think the message in your initial posting is a result of a lookup, not of a zone transfer. Apparantly, someone / something on your UX box asks for a hostname. The query is forwarded / resolved by you Windows DNS, but you own DNS doesn't like the result.

There probably is an option, but I cannot find documentation on named.conf.
It used to be called check-names in named.boot....

JP
0 Kudos
Reply
Daniel Challen_1
New Member

‎05-17-2004 04:01 AM

‎05-17-2004 04:01 AM

Re: Wierd messages from named in syslog

On my HP-UX 11.11 system:
# find / -name \* -type f -exec grep -l "_scr_DEFAULT" {} \;
/opt/scr/bin/scrdelete
/opt/scr/lib/libscrcom.sl
/opt/scr/lib/scr/scr_config.tcl

It would appear that _scr_DEFAULT is some kind of default/test node name for something called the System Inventory daemon, "scr". In my case, turning off scr (edit /etc/rc.config.d/scrdaemon ) stopped the 'bogus' dns lookups.

I imagine there is a better way to do this - actually fix scr so it doesn't give rise to the requests, but this does the trick.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.