Logwatch reports - Zone update refused

2 posts / 0 new
Last post
#1 Wed, 07/15/2009 - 03:08
cyrus

Logwatch reports - Zone update refused

For a while now I have been receiving the following in 'logwatch' for a particular domain on my server. A search for this issue has made me none the wiser, and appreciate what this may actually mean.

Zone update refused:
219.xx.xxx.xxx (domainxxx.com/IN): 252 Time(s)

And the following in relation to this, shows up in 'messages' in my 'system logs'

Jul 15 02:03:49 host named[15834]: client 219.xx.xxx.xxx#50340: updating zone 'domainxxx.com/IN': update unsuccessful: phoenix-1dbc6c3.domainxxx.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Jul 15 02:03:50 host named[15834]: client 219.xx.xxx.xxx#50343: update 'domainxxx.com/IN' denied
Jul 15 02:09:20 host named[15834]: client 219.xx.xxx.xxx#50503: updating zone 'domainxxx.com/IN': update unsuccessful: yujtgfli-yjzj5i.domainxxx.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Jul 15 02:09:21 host named[15834]: client 219.xx.xxx.xxx#50506: update 'domainxxx.com/IN' denied

Always the same IP address in question (219.xx.xxx.xxx), and only this one particular domain (domainxxx.com) from my server.

Wed, 07/15/2009 - 10:39
andreychek

I believe that means someone/something is trying to perform a zone transfer off of your DNS server there.

Do you have any slave DNS servers setup that would be trying to retrieve the DNS information? If so, it looks like it could be denying their request.

Otherwise, in poking around on Google, another suggestion is that it might just be a Windows box thinking it needs to perform updates.

It's denying them, so I dunno that I'd worry to much about it, unless something of yours isn't working right :-)

-Eric

Topic locked