Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: xpking on September 17, 2023, 10:44:44 AM

Title: Weird logs in Unbound DNS - aoc.gov?
Post by: xpking on September 17, 2023, 10:44:44 AM
Dear all,

When I checked the logs of Unbound DNS, it shows me a lot of query and reply of aoc.gov (example below).
Is this normal?
I don't have any DNS issues. But I am feeling weird of these logs.

2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080   
2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080   
2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080   
2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080   
2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080   
2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080   
2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080   
2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080   
2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080   
2023-09-17T16:43:41   Informational   unbound   [38957:2] query: 220.135.223.125 aoc.gov. ANY IN   
2023-09-17T16:43:41   Informational   unbound   [38957:2] reply: 220.135.223.125 aoc.gov. ANY IN NOERROR 0.000000 0 1080
Title: Re: Weird logs in Unbound DNS - aoc.gov?
Post by: CJ on September 20, 2023, 03:56:33 PM
Is that your WAN ip?  I forget the exact format of the Unbound logs for queries but it seems like you might have an open relay.
Text only | Text with Images