Delagation woes!

Kevin Darcy kcd at daimlerchrysler.com
Tue Jun 19 22:38:19 UTC 2001 

Pelletier, Michael wrote:

> My ISP has two secondary DNS servers. My company is the primary.

Secondary of *what*? Primary of *what*? You're having a problem with a reverse
lookup. Are you primary for the relevant reverse zone, or are you talking about
some other zone entirely?

> Doing a
> reverse lookup of my DNS server works when querying the secondaries.
> However, When I query my primary directly, it can not resolve it's own IP
> address:
>
> x.y.z.1                                   ==> My DNS server's (substituted)
> IP address
> MyServer.MyDomain.com        ==> My DNS Server's (substituted) name
>
> Here is the debugged output. Please note the "(name truncated?)" message at
> the bottom...
>
> Default Server:  MyServer.MyDomain.com
> Address:  x.y.z.1
>
> > x.y.z.1 (my DNS server's IP)
> Server:  MyServer.MyDomain.com
> Address:  x.y.z.1 (my DNS server's IP)
>
> ;; res_mkquery(0, 1.z.y.x.in-addr.arpa, 1, 12)
> ------------
> SendRequest(), len 43
>     HEADER:
>         opcode = QUERY, id = 41377, rcode = NOERROR
>         header flags:  query, want recursion
>         questions = 1,  answers = 0,  authority records = 0,  additional = 0
>
>     QUESTIONS:
>         1.z.y.x.in-addr.arpa, type = PTR, class = IN
>
> ------------
> ------------
> Got answer (133 bytes):
>     HEADER:
>         opcode = QUERY, id = 41377, rcode = NOERROR
>         header flags:  response, auth. answer, want recursion, recursion
> avail.
>         questions = 1,  answers = 1,  authority records = 1,  additional = 1
>
>     QUESTIONS:
>         1.z.y.x.in-addr.arpa, type = PTR, class = IN
>     ANSWERS:
>     ->  (name truncated?)
> ***  MyServer.MyDomain.com can't find x.y.z.1 : Unspecified error
>
> Please help!!!!

When BIND recurses to get an answer for a client, and it gets an authoritative
answer for that query, it just "passes through" the answer without really
changing any of the packet contents. So the fact that this particular answer is
munged implies that something upstream is munging it (unless your nameserver
happens to host this particular reverse zone). So, who hosts this reverse zone,
what kind of nameserver software are they running, and are they behind some
sort of firewall and/or telecom gear which might be likely to munge
UDP packets? Maybe it's time to get out the old sniffer and do some hunting.

BTW, is this reverse lookup really necessary for anything besides humoring
nslookup? Real DNS troubleshooting tools, e.g. "dig", don't care about reverse
lookups unless explicitly asked to make them.


- KevinP.S. Why is the Subject: line "Delagation woes!"? This problem doesn't
appear to have anything to do with delegation...

More information about the bind-users mailing list