help! what's prisoner.iana.org?

chaim
Dec 19, 2002, 5:08:28 PM
Help!

I'm running a lan and a router as an internet connection. Every 4-5 minutes
something calls prisoner.iana.org in my LAN. I read an article that explains
to me that my DHCP server can't resolve my internal DNS server, but what did
I do wrong? My internal DNS server uses my ISP's DNS as forwarders, what did
I do wrong?
Maybe some stations aren't using the dhcp server but fixed addresses? Or
another DNS server than the internal one? Would this produce a call to
prisoner.iana.org this often?

Thanks A LOT for any advice

chaim


Ace Fekay [MVP]
Dec 20, 2002, 12:19:38 AM
Can you use a netmon capture to find out which machine is querying
prisoner.iana.org ?
Try a different forwarder?

--
Ace
Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
"chaim" <cni...@iprolink.ch> wrote in message
news:attfuo$pa2$1...@news.eusc.inter.net...

Dean Wells
Dec 20, 2002, 8:00:21 AM
It looks like it's a European nameserver hosted by RIPE (Réseaux IP
Européens). As to why you're noticing such frequent communication with
it is difficult to assess without knowing virtually every element of
your configuration. I'll dig a little further when time permits (no pun
intended for those of you wondering). The following is the corresponding
reverse lookup info. for the resolved address(es) -

> set type=ptr
> 192.175.48.1
Server: localhost
Address: 127.0.0.1

1.48.175.192.in-addr.arpa name = prisoner.iana.org
48.175.192.in-addr.arpa nameserver = NS.RIPE.NET
48.175.192.in-addr.arpa nameserver = NOC.UMD.EDU
48.175.192.in-addr.arpa nameserver = ns-ext.vix.com
NS.RIPE.NET internet address = 193.0.0.193
NS.RIPE.NET AAAA IPv6 address = 2001:610:240:0:193:0:0:193

Dean

--
Dean Wells [MVP / Windows platform]
MSEtechnology
dwe...@msetechnology.com
[[ Please respond to the Newsgroup only ]]


"chaim" <cni...@iprolink.ch> wrote in message
news:attfuo$pa2$1...@news.eusc.inter.net...

chaim
Dec 21, 2002, 11:31:49 AM
I used a netmon and it appears that the w2k server is making these queries.
My theory is that the DHCP server is trying to resolve the domain name and
something is wrong in my dns settings.
Here they are:
domain name ehtrustco.com

_msdcs
_sites
_tcp
_udp

(same as parent folder)   SOA   [30], ehtrusto4.ehtrustco.com
(same as parent folder)   NS    ehtrusto4.ehtrustco.com
(same as parent folder)   A     192.168.10.11
ehtrusto4                 A     192.168.10.1
mail                      A     138.190.157.41
mail                      MX    [10] mail
www                       A     138.190.157.41

The mail.ehtrustco.com server doesn't exist any more; we changed to another
provider, and this new provider hosts his mail server at ehtrustco.com. What
should I change? Should I just erase the "mail" value in that field?

I know I made that error, but it seems very unlikely that this error could
cause these strange calls to prisoner.iana.org?

My feeling is that there is another mistake in this config dns but where?

"Ace Fekay [MVP]" <PleaseSubstituteMyFirstName&LastNa...@hotmail.com>
wrote in message news:uDYpkd#pCHA.1948@TK2MSFTNGP10...

chaim
Dec 21, 2002, 11:56:51 AM
My main question is the following: should I have IP addresses on the right
or just names as they are now?
domain name ehtrustco.com

_msdcs
_sites
_tcp
_udp

(same as parent folder)   SOA   [30], ehtrusto4.ehtrustco.com
(same as parent folder)   NS    ehtrusto4.ehtrustco.com
(same as parent folder)   A     192.168.10.11
ehtrusto4                 A     192.168.10.11
mail                      A     138.190.157.41
mail                      MX    [10] mail
www                       A     138.190.157.41

The mail.ehtrustco.com server doesn't exist any more; we changed to another
provider, and this one hosts his mail server at ehtrustco.com. What should I
change? Should I just erase the "mail" value in that field?

"Ace Fekay [MVP]" <PleaseSubstituteMyFirstName&LastNa...@hotmail.com>
wrote in message news:uDYpkd#pCHA.1948@TK2MSFTNGP10...

Ace Fekay [MVP]
Dec 21, 2002, 11:55:32 AM
If your ehtrustco.com is the same as the external that is hosting your mail
services, I would leave the "mail" record, just eliminate the MX record. I
am not sure why it is querying for the prisoner.iana.org domain.

--
Ace
Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
"chaim" <cni...@iprolink.ch> wrote in message
news:au24vd$7t3$1...@news.eusc.inter.net...

chaim
Dec 21, 2002, 2:29:40 PM
Could you please explain? I'm new to dns. What's the MX record doing?
mail   A    138.190.157.41
mail   MX   [10] mail
www    A    138.190.157.41

And what's the mail record doing?

Does the second value "mail" after the [10] mean that the server is to be
found at mail.ehtrustco.com? Because it's not there, it's in ehtrustco.com
alone. Thanks a lot for your help anyway!


"Ace Fekay [MVP]" <PleaseSubstituteMyFirstName&LastNa...@hotmail.com>
wrote in message news:u7dZKHRqCHA.1688@TK2MSFTNGP11...

Ace Fekay [MVP]
Dec 22, 2002, 4:47:20 PM
The MX record tells the world who your mail server is for your domain name.
If it is being hosted by your ISP, then it is not needed on your DNS server.
Everything else looks ok.

--
Ace
Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
"chaim" <cni...@iprolink.ch> wrote in message
news:au2fcs$agi$1...@news.eusc.inter.net...

Kenneth Porter
Jan 3, 2003, 8:40:03 AM
"chaim" <cni...@iprolink.ch> wrote in
news:attfuo$pa2$1...@news.eusc.inter.net:

> I'm running a lan and a router as an internet connection. Every 4-5
> minutes something calls prisoner.iana.org in my LAN.

Most likely you're missing a proper reverse zone for a private IP netblock.
You need to create the reverse zone for whatever private addresses that
host is looking for.

IANA provides a default reverse zone for addresses that should never appear
on the public Internet (such as 192.168/16). This is mostly to keep that
traffic from burning up the root servers, by providing cachable bogus
entries to forwarding servers.

I expect your host is looking up one of these addresses and your DNS is
passing the query to the outside world instead of acting authoritatively
for it. It might then submit a forward query for the hostname returned as
part of a security check to make sure the forward and reverse queries match
and no spoofing is going on (common in mail servers).
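
An added example, not part of the original thread: a check for the situation Kenneth Porter describes, where reverse (PTR) lookups for private addresses leave the LAN because no local reverse zone is authoritative for them. The sample query names and the choice of suggesting /24-sized reverse zones are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges. Reverse lookups for these should be answered
# by a local reverse zone, not forwarded to the outside world.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def ptr_name_to_ip(qname):
    """Convert '11.10.168.192.in-addr.arpa.' to an IPv4Address, or None."""
    name = qname.rstrip(".").lower()
    suffix = ".in-addr.arpa"
    if not name.endswith(suffix):
        return None
    labels = name[:-len(suffix)].split(".")
    if len(labels) != 4:
        return None  # not a full host PTR name
    try:
        return ipaddress.ip_address(".".join(reversed(labels)))
    except ValueError:
        return None

def missing_reverse_zones(ptr_queries, local_zones):
    """Return {suggested_zone: [ips]} for private PTR queries that no
    locally hosted zone covers (these are the ones that get forwarded)."""
    local = {z.rstrip(".").lower() for z in local_zones}
    leaks = {}
    for qname in ptr_queries:
        ip = ptr_name_to_ip(qname)
        if ip is None or not any(ip in net for net in PRIVATE_NETS):
            continue
        parts = qname.rstrip(".").lower().split(".")
        # Covered if any parent domain of the query name is a local zone.
        parents = {".".join(parts[i:]) for i in range(1, len(parts))}
        if parents & local:
            continue
        zone = ".".join(parts[1:])  # assumption: suggest a /24 reverse zone
        leaks.setdefault(zone, []).append(str(ip))
    return leaks

# Constructed sample: PTR query names seen leaving a forwarding DNS server.
SAMPLE_QUERIES = [
    "11.10.168.192.in-addr.arpa.",
    "1.10.168.192.in-addr.arpa.",
    "41.157.190.138.in-addr.arpa.",  # public address: forwarding is expected
    "5.0.0.10.in-addr.arpa.",
]

if __name__ == "__main__":
    for zone, ips in missing_reverse_zones(SAMPLE_QUERIES, []).items():
        print("create reverse zone", zone, "for", ips)
```
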
