Looking at the logs of my local DNS server, my Linux computer has been looking up 191.0.0.10.in-addr.arpa every few seconds. It also looks up ipv4only.arpa, but less frequently. As far as I know, arpa domains are apart of the DNS system itself? Is this normal?

  • AgreeableLandscape@lemmy.mlOPM
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    4 years ago

    I find it really weird that it keeps reverse looking up one IP address, which apparently is in Brazil, and it does it every few seconds.

    I do have a VPN enabled (but not to a server in Brazil), but I don’t know if that has anything to do with it.

    • kevincox@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      4 years ago

      191.0.0.10.in-addr.arpa

      I do find it weird that this is an internal IP. I would check if this query works. Also maybe checking to see if your VPN has anything at this IP.

          • AgreeableLandscape@lemmy.mlOPM
            link
            fedilink
            arrow-up
            1
            ·
            4 years ago

            Oh wait, I just realized that the IP is reversed from what the domain says. I thought it was 191.0.0.10.

            10.0.0.191 is actually the IP address to the computer sending the queries.

            • SeerLite@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              4 years ago

              Maybe you can run one of those crazy nmap scans to see what it is?

              Or maybe it’s a better idea to figure out why it’s happening in the first place instead hmm