Newsroom Update

Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Mike Richards1
Mike Richards1 Author
User level: Level 1
47 points

Too many DNS requests

Hi, have three Xserves running 10.4.11. Just started to plan the migration to 10.6 Server.

Go figure, after years of trouble free service our main file server, Xserve1 has crashed/froze three times in the last week.


It looks like the DNS service is getting hit with a massive amount of requests and it eventually bogs down the server? A reboot gets things going just fine again but after 3 hours or so, the requests start up.


The Xserve2 which is the master DNS and all our client computers are pointed to, it appears to have "some" of the same requests but on a much smaller scale. It has not crashed or froze yet.


Here is a small snippet of the named.log:


27-Mar-2012 02:14:19.746 host unreachable resolving 'zb.akadns.org/A/IN': 2001:500:48::1#53

27-Mar-2012 02:14:19.746 host unreachable resolving 'zb.akadns.org/AAAA/IN': 2001:500:48::1#53

27-Mar-2012 02:14:19.746 host unreachable resolving 'zb.akadns.org/A/IN': 2001:500:f::1#53

27-Mar-2012 02:14:19.746 host unreachable resolving 'zb.akadns.org/AAAA/IN': 2001:500:f::1#53

27-Mar-2012 02:14:19.746 host unreachable resolving 'zc.akadns.org/A/IN': 2001:500:48::1#53


Now I'll explain the server setup:


Xserve1 - AFP services, WIndows services, Open Directory Master, DNS

Xserve2 - AFP services, WIndows services, Open Directory Replica, DNS Master

Xserve3 - AFP services, WIndows services, Open Directory Replica, DNS


Internal NAT network behind a firewall. None of these servers have any mapping to the outside. The only way to login to the servers is to be on the internal network or connect from the outside via VPN. The VPN is a seperate box.


Since Xserve1 is not the Master DNS I just turned the DNS service off for now.


Any help would be appreciated, I'm not a unix or DNS expert but do understand the basics. What I am thinking is that an internal Mac or PC is the computer making the requests.

Is there a way to trace where these requests are coming from?

Is there another log file that has the past requests and what IP they came from?


Thank you for any help you can give. This is frustrating because we thought we were locked down fairly well.


Mike

Posted on Mar 28, 2012 8:33 AM

Reply
1 reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

Apr 12, 2012 12:01 PM in response to Mike Richards1

Those queries are all IPv6 lookups. If your server isn't running IPv6, and you don't have an IPv6-based upstream connection (hint: most people don't) then these lookups are bound to fail.


These lookups could also occur if the network client is using IPv6 since it may prefer IPv6 over IPv4.


The solution is to either ignore these benign errors, configure IPv6 everywhere, or turn off IPv6 everywhere.


The first (ignore) is trivial, the second (implement IPv6) is hard, and the third means walking through your network to find devices using IPv6 and turning it off.

Reply

Too many DNS requests

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up