Init: Administrativ, DNS u.a. Dienste

Hallo,

mein tjener redet viel mit dem Internet, quasselt dns+mdns und bläßt Strom durch die ganze Welt.

Ein #tcpdump hab'ich unten ran-kopiert.

Was des Internet-Verkehrs ist davon (überhaupt) sinnvoll, was ist notwendig?

Wie kann ich den internationalen Stromverbrauch senken?

mdns abschalten? IPv6 abschalten? Wie kann ich dns-root-server Anfragen minimieren?

Besonders irritierend find'ich: 

05:01:42.918389 IP tjener.intern.29217 > CON2.NIPR.MIL.domain: 60586 A? eur1r.nipr.mil. (32)
05:01:43.104693 IP CON2.NIPR.MIL.domain > tjener.intern.29217: 60586 1/0/0 A EUR1R.NIPR.MIL (48)

Kommentare, An-/Bemerkungen und Hinweise sind willkommen! @SIG 

maxen@tjener:~$ su
Passwort:
tjener:/home/maxen# tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
05:01:26.695553 IP ltspserver.intern.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 36.2.67.77.in-addr.arpa. (41)
05:01:26.695582 IP6 fe80::213:d4ff:fe29:a394.mdns > ff02::fb.mdns: 0[|domain]
05:01:26.695643 IP tjener.intern.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 36.2.67.77.in-addr.arpa. (41)
05:01:27.222821 IP ip-174-142-114-109.static.privatedns.com.www > tjener.intern.50034: P 504:532(28) ack 1 win 56 <nop,nop,timestamp 3010063567 2460986>
05:01:27.222875 IP tjener.intern.50034 > ip-174-142-114-109.static.privatedns.com.www: . ack 532 win 182 <nop,nop,timestamp 2461783 3010063567>
05:01:28.703528 IP6 fe80::211:6bff:fe94:c767.mdns > ff02::fb.mdns: 0[|domain]
05:01:28.703681 IP6 fe80::213:d4ff:fe29:a394.mdns > ff02::fb.mdns: 0[|domain]
05:01:28.703745 IP tjener.intern.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 36.2.67.77.in-addr.arpa. (41)
05:01:30.593610 IP tjener.intern.10099 > ns.lacnic.net.domain: 3154 PTR? 11.13.3.200.in-addr.arpa. (42)
05:01:30.847674 IP ns.lacnic.net.domain > tjener.intern.10099: 3154*- 1/2/4 PTR[|domain]
05:01:30.853290 IP tjener.intern.47038 > j.root-servers.net.domain: 54085 PTR? 9.238.156.62.in-addr.arpa. (43)
05:01:30.922127 IP j.root-servers.net.domain > tjener.intern.47038: 54085- 0/12/13 (495)
05:01:30.922788 IP tjener.intern.26851 > c.root-servers.net.domain: 5424 PTR? 9.238.156.62.in-addr.arpa. (43)
05:01:30.989774 IP c.root-servers.net.domain > tjener.intern.26851: 5424- 0/7/0 (222)
05:01:30.990249 IP tjener.intern.23361 > sunic.sunet.se.domain: 30765 PTR? 9.238.156.62.in-addr.arpa. (43)
05:01:31.053340 IP sunic.sunet.se.domain > tjener.intern.23361: 30765- 0/3/2 (169)
05:01:31.053650 IP tjener.intern.37728 > ns.ripe.net.domain: 62604 PTR? 9.238.156.62.in-addr.arpa. (43)
05:01:31.126041 IP ns.ripe.net.domain > tjener.intern.37728: 62604- 0/2/0 (103)
05:01:31.126391 IP tjener.intern.36467 > a.nic.de.domain: 27734 A? pns.dtag.de. (29)
05:01:31.357511 IP a.nic.de.domain > tjener.intern.36467: 27734- 0/2/1 (94)
05:01:36.711207 IP tjener.intern.43004 > w.arin.net.domain: 25308 PTR? 10.2.32.198.in-addr.arpa. (42)
05:01:36.768240 IP w.arin.net.domain > tjener.intern.43004: 25308- 0/2/0 (85)
05:01:36.768684 IP tjener.intern.19692 > flag.ip4.int.domain: 59578 PTR? 10.2.32.198.in-addr.arpa. (42)
05:01:36.998845 IP flag.ip4.int.domain > tjener.intern.19692: 59578*- 1/2/4 PTR[|domain]
05:01:37.002847 IP tjener.intern.5250 > z.arin.net.domain: 51885 PTR? 13.4.32.198.in-addr.arpa. (42)
05:01:37.141837 IP z.arin.net.domain > tjener.intern.5250: 51885- 0/2/0 (85)
05:01:37.142267 IP tjener.intern.13549 > dot.ep.net.domain: 18955 PTR? 13.4.32.198.in-addr.arpa. (42)
05:01:37.363457 IP dot.ep.net.domain > tjener.intern.13549: 18955* 1/3/4 PTR[|domain]
05:01:37.380631 IP tjener.intern.27294 > ns.icann.org.domain: 50252[|domain]
05:01:37.614214 IP ns.icann.org.domain > tjener.intern.27294: 50252 NXDomain*-[|domain]
05:01:37.620586 IP tjener.intern.43998 > auth4.dns.cogentco.com.domain: 28267 PTR? 2.50.8.38.in-addr.arpa. (40)
05:01:37.688742 IP auth4.dns.cogentco.com.domain > tjener.intern.43998: 28267 NXDomain*- 0/1/0 (98)
05:01:37.791502 IP6 fe80::211:6bff:fe94:c767.mdns > ff02::fb.mdns: 0[|domain]
05:01:37.791633 IP ltspserver.intern.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 2.50.8.38.in-addr.arpa. (40)
05:01:37.791661 IP6 fe80::213:d4ff:fe29:a394.mdns > ff02::fb.mdns: 0[|domain]
05:01:37.791730 IP tjener.intern.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 2.50.8.38.in-addr.arpa. (40)
05:01:38.799439 IP6 fe80::211:6bff:fe94:c767.mdns > ff02::fb.mdns: 0[|domain]
05:01:38.799547 IP ltspserver.intern.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 2.50.8.38.in-addr.arpa. (40)
05:01:38.799574 IP6 fe80::213:d4ff:fe29:a394.mdns > ff02::fb.mdns: 0[|domain]
05:01:38.799636 IP tjener.intern.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 2.50.8.38.in-addr.arpa. (40)
05:01:39.036152 IP tjener.intern.35969 > ip-174-142-114-109.static.privatedns.com.www: . ack 2629599262 win 182 <nop,nop,timestamp 2464737 3010066520>
05:01:40.807617 IP6 fe80::213:d4ff:fe29:a394.mdns > ff02::fb.mdns: 0[|domain]
05:01:40.807680 IP tjener.intern.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 2.50.8.38.in-addr.arpa. (40)
05:01:42.049735 IP tjener.intern.35969 > ip-174-142-114-109.static.privatedns.com.www: . ack 29 win 182 <nop,nop,timestamp 2465490 3010067274>
05:01:42.699968 IP tjener.intern.44811 > G.ROOT-SERVERS.NET.domain: 37184 PTR? 50.64.91.80.in-addr.arpa. (42)
05:01:42.778451 IP tjener.intern.2704 > sns-pb.isc.org.domain: 59214 PTR? 50.64.91.80.in-addr.arpa. (42)
05:01:42.918389 IP tjener.intern.29217 > CON2.NIPR.MIL.domain: 60586 A? eur1r.nipr.mil. (32)
05:01:43.104693 IP CON2.NIPR.MIL.domain > tjener.intern.29217: 60586 1/0/0 A EUR1R.NIPR.MIL (48)
05:01:43.105065 IP tjener.intern.17814 > EUR1R.NIPR.MIL.domain: 46711 PTR? 251.180.252.199.in-addr.arpa. (46)
05:01:43.183535 IP EUR1R.NIPR.MIL.domain > tjener.intern.17814: 46711*- 1/6/0 (188)
05:01:43.187262 IP tjener.intern.18785 > ns-sec.ripe.net.domain: 29690 PTR? 53.0.212.199.in-addr.arpa. (43)
05:01:43.244852 IP ns-sec.ripe.net.domain > tjener.intern.18785: 29690 Refused- 0/0/0 (43)
05:01:43.245211 IP tjener.intern.14003 > ns2.arin.net.domain: 62119 PTR? 53.0.212.199.in-addr.arpa. (43)
05:01:43.459932 IP ns2.arin.net.domain > tjener.intern.14003: 62119*- 1/5/4 (266)
05:01:43.464142 IP tjener.intern.25475 > u.arin.net.domain: 7411 PTR? 8.176.63.69.in-addr.arpa. (42)
05:01:43.537364 IP u.arin.net.domain > tjener.intern.25475: 7411- 0/2/0 (96)
05:01:43.537825 IP tjener.intern.47893 > dns04.sf2p.tfbnw.net.domain: 8141 PTR? 8.176.63.69.in-addr.arpa. (42)
05:01:43.757465 IP dns04.sf2p.tfbnw.net.domain > tjener.intern.47893: 8141*- 1/2/2 PTR[|domain]
05:01:43.761540 IP tjener.intern.38712 > dns1.telstra.net.domain: 15999 PTR? 25.29.12.202.in-addr.arpa. (43)
05:01:44.116439 IP dns1.telstra.net.domain > tjener.intern.38712: 15999- 0/3/0 (119)
05:01:44.116874 IP tjener.intern.51510 > tinnie.apnic.net.domain: 38114 PTR? 25.29.12.202.in-addr.arpa. (43)
05:01:44.499650 IP tinnie.apnic.net.domain > tjener.intern.51510: 38114*- 1/3/4 (225)
05:01:44.505203 IP tjener.intern.36001 > w.arin.net.domain: 60188 PTR? 53.43.50.192.in-addr.arpa. (43)
05:01:44.562184 IP w.arin.net.domain > tjener.intern.36001: 60188- 0/6/0 (145)
05:01:44.562674 IP tjener.intern.41690 > g.dns.jp.domain: 54798 PTR? 53.43.50.192.in-addr.arpa. (43)
05:01:44.888457 IP g.dns.jp.domain > tjener.intern.41690: 54798- 0/3/0 (128)
05:01:44.888903 IP tjener.intern.14876 > mango.itojun.org.domain: 26739 PTR? 53.43.50.192.in-addr.arpa. (43)
05:01:45.055044 IP ip-174-142-114-109.static.privatedns.com.www > tjener.intern.35969: P 29:57(28) ack 0 win 56 <nop,nop,timestamp 3010068025 2465490>
05:01:45.055088 IP tjener.intern.35969 > ip-174-142-114-109.static.privatedns.com.www: . ack 57 win 182 <nop,nop,timestamp 2466241 3010068025>
05:01:45.227396 IP mango.itojun.org.domain > tjener.intern.14876: 26739*- 1/3/7 (308)
05:01:45.242900 IP tjener.intern.39948 > w.arin.net.domain: 34593 PTR? 1.54.19.199.in-addr.arpa. (42)
05:01:45.299587 IP w.arin.net.domain > tjener.intern.39948: 34593- 0/4/0 (150)
05:01:45.300065 IP tjener.intern.56701 > ns1.ams1.afilias-nst.info.domain: 12875 PTR? 1.54.19.199.in-addr.arpa. (42)
05:01:45.359795 IP ns1.ams1.afilias-nst.info.domain > tjener.intern.56701: 12875*- 1/4/0 PTR[|domain]
05:01:45.364536 IP tjener.intern.44127 > w.arin.net.domain: 5244 PTR? 30.178.52.192.in-addr.arpa. (44)
05:01:45.421488 IP w.arin.net.domain > tjener.intern.44127: 5244- 0/4/0 (121)
05:01:45.421944 IP tjener.intern.30206 > e2.NSTLD.COM.domain: 27556 PTR? 30.178.52.192.in-addr.arpa. (44)
05:01:45.496650 IP e2.NSTLD.COM.domain > tjener.intern.30206: 27556*- 1/7/9 (372)
05:01:45.502303 IP tjener.intern.63062 > M.ROOT-SERVERS.NET.domain: 40223 PTR? 200.141.155.210.in-addr.arpa. (46)
05:01:45.564821 IP M.ROOT-SERVERS.NET.domain > tjener.intern.63062: 40223- 0/6/0 (188)
05:01:45.565331 IP tjener.intern.38460 > ns1.apnic.net.domain: 16079 PTR? 200.141.155.210.in-addr.arpa. (46)
05:01:45.946388 IP ns1.apnic.net.domain > tjener.intern.38460: 16079- 0/6/0 (148)
05:01:45.946860 IP tjener.intern.59528 > ns0.nic.ad.jp.domain: 35875 PTR? 200.141.155.210.in-addr.arpa. (46)
05:01:46.264646 IP ns0.nic.ad.jp.domain > tjener.intern.59528: 35875- 0/2/0 (91)
05:01:46.265211 IP tjener.intern.33845 > ns-jp.sinet.ad.jp.domain: 65495 A? ns0.mex.ad.jp. (31)
05:01:46.600173 IP ns-jp.sinet.ad.jp.domain > tjener.intern.33845: 65495- 0/2/2 (95)
05:01:46.600558 IP tjener.intern.18014 > ns1.mex.ad.jp.domain: 65047 A? ns0.mex.ad.jp. (31)
05:01:46.953465 IP tjener.intern.35340 > ns0.mex.ad.jp.domain: 50550 PTR? 200.141.155.210.in-addr.arpa. (46)
05:01:47.305543 IP tjener.intern.13951 > dns1.telstra.net.domain: 53607 PTR? 194.141.178.203.in-addr.arpa. (46)
05:01:47.659459 IP dns1.telstra.net.domain > tjener.intern.13951: 53607- 0/6/0 (148)
05:01:47.659913 IP tjener.intern.45209 > d.dns.jp.domain: 37312 PTR? 194.141.178.203.in-addr.arpa. (46)
05:01:47.805425 IP tjener.intern.56025 > ns.tokyo.wide.ad.jp.domain: 28029 PTR? 194.141.178.203.in-addr.arpa. (46)
05:01:48.030796 IP tjener.intern.35969 > ip-174-142-114-109.static.privatedns.com.www: . ack 85 win 182 <nop,nop,timestamp 2466985 3010068769>
05:01:48.145419 IP tjener.intern.4275 > a.dns.jp.domain: 2918 PTR? 61.136.178.203.in-addr.arpa. (45)
05:01:48.465920 IP a.dns.jp.domain > tjener.intern.4275: 2918- 0/3/0 (130)
05:01:48.466374 IP tjener.intern.45709 > ns-wide.wide.ad.jp.domain: 7163 PTR? 61.136.178.203.in-addr.arpa. (45)
05:01:48.796235 IP ns-wide.wide.ad.jp.domain > tjener.intern.45709: 7163*- 1/3/4 (232)
05:01:48.802389 IP tjener.intern.63525 > w.arin.net.domain: 41592 PTR? 30.128.58.192.in-addr.arpa. (44)
05:01:48.859313 IP w.arin.net.domain > tjener.intern.63525: 41592- 0/4/0 (121)
05:01:48.859783 IP tjener.intern.64748 > c2.nstld.com.domain: 61860 PTR? 30.128.58.192.in-addr.arpa. (44)
05:01:49.080415 IP c2.nstld.com.domain > tjener.intern.64748: 61860*- 1/7/9 (372)
05:01:49.084778 IP tjener.intern.6769 > se-dns.svl.netnod.se.domain: 61855 A? ns1.resilans.se. (33)
05:01:49.162931 IP se-dns.svl.netnod.se.domain > tjener.intern.6769: 61855- 0/3/4 (164)
05:01:49.163483 IP tjener.intern.61890 > ns3.resilans.se.domain: 38477 A? ns1.resilans.se. (33)
05:01:49.226490 IP ns3.resilans.se.domain > tjener.intern.61890: 38477*- 1/3/2 A ns1.resilans.se (148)
05:01:49.226958 IP tjener.intern.48385 > ns1.resilans.se.domain: 8892 PTR? 2.125.36.192.in-addr.arpa. (43)
05:01:49.286146 IP ns1.resilans.se.domain > tjener.intern.48385: 8892- 0/3/0 (119)
05:01:49.286400 IP tjener.intern.38169 > sunic.sunet.se.domain: 18748 PTR? 2.125.36.192.in-addr.arpa. (43)
05:01:49.347754 IP sunic.sunet.se.domain > tjener.intern.38169: 18748*- 1/3/6 (265)
05:01:49.350815 IP tjener.intern.58349 > ns-pri.ripe.net.domain: 54638 PTR? 193.0.0.193.in-addr.arpa. (42)
05:01:49.410656 IP ns-pri.ripe.net.domain > tjener.intern.58349: 54638*- 1/3/0 (156)
05:01:49.415757 IP tjener.intern.58895 > k.root-servers.net.domain: 4453 PTR? 53.0.0.194.in-addr.arpa. (41)
05:01:49.482009 IP k.root-servers.net.domain > tjener.intern.58895: 4453- 0/7/0 (236)
05:01:49.482534 IP tjener.intern.33486 > ns3.nic.fr.domain: 29965 PTR? 53.0.0.194.in-addr.arpa. (41)
05:01:49.547453 IP ns3.nic.fr.domain > tjener.intern.33486: 29965- 0/4/0 (130)
05:01:49.548028 IP tjener.intern.37696 > a.nic.de.domain: 42105 A? ns1.denic.de. (30)
05:01:49.756207 IP a.nic.de.domain > tjener.intern.37696: 42105- 0/4/4 (183)
05:01:49.756710 IP tjener.intern.53934 > ns3.denic.de.domain: 20259 A? ns1.denic.de. (30)
05:01:49.817095 IP ns3.denic.de.domain > tjener.intern.53934: 20259*- 1/4/4 A ns1.denic.de (199)
05:01:49.817375 IP tjener.intern.6907 > ns1.denic.de.domain: 4173 PTR? 53.0.0.194.in-addr.arpa. (41)
05:01:49.877184 IP ns1.denic.de.domain > tjener.intern.6907: 4173*- 1/4/5 PTR[|domain]
05:01:49.882070 IP tjener.intern.14296 > w.arin.net.domain: 52215 PTR? 126.34.0.192.in-addr.arpa. (43)
05:01:49.939354 IP w.arin.net.domain > tjener.intern.14296: 52215- 0/5/0 (162)
^C05:01:49.939832 IP tjener.intern.34178 > 199.4.29.153.domain: 24516 PTR? 126.34.0.192.in-addr.arpa. (43)

624 packets captured
2013 packets received by filter
1280 packets dropped by kernel

ChristianMaxen/Technik/Admin (last edited 2010-03-10 04:56:09 by ChristianMaxen)

Alle Inhalte in diesem Wiki stehen unter der GPL.