(network unreachable) error in my server logs

All of the addresses are IPv6. Seems an IPv6 issue, you probably have no IPv6 networking configured. Disable IPv6 suport in Bind:

Edit /etc/sysconfig/named and set:

OPTIONS="-4"

Then restart bind:

service named restart

(from http://crashmag.net/disable-ipv6-lookups-with-bind-on-rhel-or-centos)

Are you under attack? I don't think you've been compromised. Those messages can be normal depending on what services you are running (anyhow, any server is always under some attempt of attack, people scans the internet trying exploits on every server).


It may be worth noting that in Debian Jessie with systemd, the -4 option in /etc/default/bind9 may be ignored. See bug #767798.

In that case, you need to modify the systemd bind9.service file:

Move bind9.service to avoid it being overwritten on updates

cd /etc/systemd
find . -name "bind*" -delete
cp /lib/systemd/system/bind9.service system/

Edit system/bind9.service to use the options in /etc/default/bind9.

$EDITOR system/bind9.service

Add EnvironmentFile=-/etc/default/bind9 and modify ExecStart to include $OPTIONS. (I remove -u bind, because on Debian, it is already included in $OPTIONS)

Make sure to keep the -f option needed for systemd. See this diff for an example:

# diff -u1 /lib/systemd/system/bind9.service /etc/systemd/system/bind9.service 
--- /lib/systemd/system/bind9.service   2015-12-14 21:12:28.000000000 +0100
+++ /etc/systemd/system/bind9.service   2016-02-08 15:34:59.634891951 +0100
@@ -6,3 +6,4 @@
 [Service]
-ExecStart=/usr/sbin/named -f -u bind
+EnvironmentFile=-/etc/default/bind9
+ExecStart=/usr/sbin/named -f $OPTIONS
 ExecReload=/usr/sbin/rndc reload

And finally

systemctl reenable bind9.service
service bind9 restart