Bind: RFC 1918 response from Internet


After upgrading to a new BIND version on my RHEL6 system, I get the following messages in [ /var/log/messages ]:

Jul 15 15:24:30 <system> named[11514]: client 172.19.17.242#52588: RFC 1918 response from Internet for 149.156.20.10.in-addr.arpa

If the IN-ADDR.ARPA name covered refers to an internal address space you are using, then you have failed to follow RFC 1918 usage rules and are leaking queries to the Internet.

You should establish your own zones for these addresses (in this case 10.20) to prevent named from querying the Internet's name servers for them.

As an example, based on the message above:

  • Add the following line to [ /etc/named.conf ]:

include "/etc/named/10.20.conf";

  • Create a new file [ /etc/named/10.20.conf ] with the following content (the empty forwarders list makes sure this zone is never sent to any global forwarders):

zone "20.10.in-addr.arpa" in {
type master;
file "rfc1918.zone";
forwarders {};
};

  • Create a new file [ /var/named/rfc1918.zone ] with the following content:

$TTL 1H
; SOA needs both the primary name server (MNAME) and a responsible mailbox
; (RNAME, with the @ written as a dot), otherwise the zone will not load.
@               IN SOA  <local nameserver1 - FQDN>. <hostmaster mailbox - FQDN>. (
                        <your serial>   ; serial
                        1D              ; refresh
                        1H              ; retry
                        6W              ; expiry
                        1H )            ; minimum

; Leading whitespace keeps the owner name "@" (the zone apex) for the NS records.
                IN NS   <local nameserver1 - FQDN>.
                IN NS   <local nameserver2 - FQDN>.


Now restart named; it should not generate these messages anymore.
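The post shows the fix for one leaked name by hand. The following script is an added example (not code from the original post): it scans syslog lines on stdin for BIND's "RFC 1918 response from Internet" warning, derives the /16 reverse zone (b.a.in-addr.arpa) for every leaked name, and prints a ready-to-include zone stanza of the form used above for each one, so it generalizes the post's 20.10.in-addr.arpa case to whatever names are actually leaking. The sample log lines, the host name ns1 and the function names are constructed for this example.

```shell
#!/bin/sh
# Added example, not part of the original post. Turns BIND's
# "RFC 1918 response from Internet" warnings into the named.conf zone
# stanzas that stop the leak. Sample log lines below are constructed.

SAMPLE_LOG='Jul 15 15:24:30 ns1 named[11514]: client 172.19.17.242#52588: RFC 1918 response from Internet for 149.156.20.10.in-addr.arpa
Jul 15 15:24:31 ns1 named[11514]: client 172.19.17.242#52590: RFC 1918 response from Internet for 7.3.20.10.in-addr.arpa
Jul 15 15:24:32 ns1 named[11514]: client 172.19.17.250#41002: RFC 1918 response from Internet for 1.0.168.192.in-addr.arpa
Jul 15 15:24:33 ns1 named[11514]: client 172.19.17.250#41003: lame server resolving example.com'

# Read syslog lines on stdin; print each leaked /16 reverse zone once, sorted.
# For a.b.c.d.in-addr.arpa (address d.c.b.a) the /16 zone is b.a.in-addr.arpa,
# e.g. 149.156.20.10.in-addr.arpa -> 20.10.in-addr.arpa as in the post.
rfc1918_leaked_zones() {
    awk '
        /RFC 1918 response from Internet for / {
            n = tolower($NF)                   # the queried name is the last field
            sub(/\.$/, "", n)                  # tolerate a trailing dot
            if (n !~ /\.in-addr\.arpa$/) next  # only reverse names are of interest
            sub(/\.in-addr\.arpa$/, "", n)
            k = split(n, o, ".")
            if (k < 2) next                    # need at least two labels for a /16
            zone = o[k-1] "." o[k] ".in-addr.arpa"
            if (!(zone in seen)) { seen[zone] = 1; print zone }
        }' | sort
}

# Emit the zone stanza from the post for one reverse zone name ($1).
# An empty forwarders list keeps the zone away from any global forwarders.
rfc1918_zone_stanza() {
    printf 'zone "%s" in {\n\ttype master;\n\tfile "rfc1918.zone";\n\tforwarders {};\n};\n' "$1"
}

# Read syslog on stdin, emit one stanza per leaked /16 reverse zone.
rfc1918_stanzas_from_log() {
    rfc1918_leaked_zones | while IFS= read -r z; do
        rfc1918_zone_stanza "$z"
    done
}

# Demo on the constructed sample. On a real host you would run
#   rfc1918_stanzas_from_log < /var/log/messages > /etc/named/rfc1918-zones.conf
printf '%s\n' "$SAMPLE_LOG" | rfc1918_stanzas_from_log
```

All generated stanzas can share the single rfc1918.zone file from the post, because that file contains only the SOA and NS records and no address-specific data. Before restarting named, check the result with `named-checkconf /etc/named.conf` and `named-checkzone 20.10.in-addr.arpa /var/named/rfc1918.zone` (both ship with BIND); a typo in a zone file or a stray smart quote in named.conf otherwise stops named from starting.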
