Using dig to Look Up IP Address
Kevin Darcy
kcd at daimlerchrysler.com
Fri Jun 29 22:52:30 UTC 2001
The default query type for dig when "-x" is used is ANY and queries of
type ANY are treated non-recursively. Whichever server answered this query
had the CNAME cached, apparently, but not the target of the CNAME (i.e.
the PTR record) so, in the absence of recursion, it just returned the
CNAME and nothing else. This answer is technically _correct_, just
incomplete.
You could consistently get complete answers for this reverse lookup by
explicitly specifying "ptr" on the dig command line, e.g. "dig -x
206.168.47.1 ptr".
You may also want to look into getting your provider to be a stealth slave
of your reverse zone and/or arranging for your nameserver(s) to be stealth
slaves of your provider's /24 reverse zone. That way, the nameservers
involved in resolving these queries will always have authoritative data
for the other zone and should always be able to give complete answers.
- Kevin
Jim wrote:
> Thanks everyone for the replies. For whatever reason, the two methods
> below don't seem to be equivalent, at least not for my own DNS. We've
> got a /25 with addresses 0 to 127 and our upstream provider has
> delegated the reverse lookups to our NAME servers. Only the
> "non-shortcut" method resolves the CNAME.
>
> Anything unusual or incorrect about our setup that would cause this?
>
> For example:
>
> C:\>dig -x 206.168.47.1
>
> ; <<>> DiG 2.2 <<>> -x
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr rd ra; Ques: 1, Ans: 1, Auth: 2, Addit: 3
> ;; QUESTIONS:
> ;; 1.47.168.206.in-addr.arpa, type = ANY, class = IN
>
> ;; ANSWERS:
> 1.47.168.206.in-addr.arpa. 524765 CNAME
> 1.moi.47.168.206.in-addr.arpa.
>
> ;; AUTHORITY RECORDS:
> 168.206.in-addr.arpa. 264674 NS NS1.XOR.COM.
> 168.206.in-addr.arpa. 264674 NS COOPNEWS.COOP.NET.
>
> ;; ADDITIONAL RECORDS:
> NS1.XOR.COM. 164255 A 192.225.33.1
> NS1.XOR.COM. 164255 A 192.108.21.1
> COOPNEWS.COOP.NET. 91874 A 199.45.255.1
>
> ;; Total query time: 10 msec
> ;; FROM: Jim to SERVER: default -- 206.168.47.2
> ;; WHEN: Fri Jun 29 15:27:46 2001
> ;; MSG SIZE sent: 43 rcvd: 190
>
> C:\>dig 1.47.168.206.in-addr.arpa ptr
>
> ; <<>> DiG 2.2 <<>> 1.47.168.206.in-addr.arpa ptr
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr aa rd ra; Ques: 1, Ans: 2, Auth: 2, Addit: 2
> ;; QUESTIONS:
> ;; 1.47.168.206.in-addr.arpa, type = PTR, class = IN
>
> ;; ANSWERS:
> 1.47.168.206.in-addr.arpa. 524688 CNAME
> 1.moi.47.168.206.in-addr.arpa.
> 1.moi.47.168.206.in-addr.arpa. 86400 PTR mail.mediaodyssey.com.
>
> ;; AUTHORITY RECORDS:
> moi.47.168.206.in-addr.arpa. 86400 NS ns1.mediaodyssey.com.
> moi.47.168.206.in-addr.arpa. 86400 NS ns.clarkecomputer.com.
>
> ;; ADDITIONAL RECORDS:
> ns1.mediaodyssey.com. 86400 A 206.168.47.2
> ns.clarkecomputer.com. 91472 A 216.17.138.123
>
> ;; Total query time: 10 msec
> ;; FROM: Jim to SERVER: default -- 206.168.47.2
> ;; WHEN: Fri Jun 29 15:29:03 2001
> ;; MSG SIZE sent: 43 rcvd: 203
>
> Thanks,
> Jim
>
> On 29 Jun 2001 11:01:38 -0700, Michael Kjorling <michael at kjorling.com>
> wrote:
>
> >
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> > $ dig -x 123.45.67.89
> >
> >or the more complicated way:
> >
> > $ dig 89.67.45.123.in-addr.arpa. ptr
> >
> >
> >Michael Kjörling
> >
> >
> >On Jun 28 2001 20:03 -0600, Jim wrote:
> >
> >> How do you use dig to do an IP address to name lookup? It's easy
> >> enough to do with nslookup, and I don't have problems using dig to
> >> find most other DNS data, but I'll be hanged if I can figure out how
> >> to do reverse lookups.
> >>
> >> Thanks,
> >> Jim
More information about the bind-users
mailing list