Problem with Classless IN-ADDR.ARPA delegation
Johnny Damtoft
dns at named.dk
Thu Jan 10 16:59:23 UTC 2002
Hi :)
I can see that there has been some writing about this, to help i send a zone
that runs IRL.
So, if you want to see how it is, just do a dig @dns1.ocnet.dk ...
Hope it helps :)
/ Johnny
------------
;
; /etc/dns/129.142.170.128_27.rev - reverse lookup for 129.142.170.128/27
(32 ip addys / 128-159)
;
$TTL 1800
$ORIGIN 129-158.170.142.129.in-addr.arpa.
129-158.170.142.129.in-addr.arpa. IN SOA dns1.ocnet.dk.
hostmaster.ocnet.dk. (
2002010801
16384
2048
1209600
2560 )
@ IN NS dns1.ocnet.dk.
@ IN NS dns2.ocnet.dk.
@ IN NS dns3.ocnet.dk.
129 IN PTR gateway.prcdata.dk.
131 IN PTR www.prcdata.dk.
132 IN PTR shop.prcdata.dk.
133 IN PTR betaling.prcdata.dk.
137 IN PTR bsd.skrog.dk.
145 IN PTR dns2.ocnet.dk.
149 IN PTR ns.kh-websupport.dk.
150 IN PTR ns2.kh-websupport.dk.
152 IN PTR psa01.ocnet.dk.
158 IN PTR old-psa01.ocnet.dk.
------------
-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
Behalf Of Guillaume Laurès
Sent: Wednesday, January 09, 2002 8:42 PM
To: bind-users at isc.org
Subject: Problem with Classless IN-ADDR.ARPA delegation
Hello to everybody,
I used to have a working config for classless delegation, but now it
doesn't work anymore (worked about 5 monthes).
I didn't change the config (as far as I remember), did not upgrade bind
(or maybe ?).
Well, I don't remember what could have caused the trouble since I made
some changes some time ago but I discovered the problem only now.
Here is the setup: I have the 195.68.66.0/28 subnet delegated from my
ISP (have other w/ the same problem but let's keep it simple), and we
have choosed to run our own name server on those addresses
bind version is :
[root at srv-web /root]# named -v
named 8.2.3-REL Sat Jan 27 05:11:05 EST 2001
prospector at porky.devel.redhat.com:/usr/src/bs/BUILD/bind-8.2.3/src/bin/named
I have the following config in named.conf:
zone "32-28.64.68.195.in-addr.arpa" {
type master;
file "195.68.64.32-28.rev";
};
The zone file looks like this:
$ttl 600
1-27.66.68.195.in-addr.arpa. IN SOA srv-web.ebi-fr.com.
administrateur.ebi-fr.com. (
993755287
21600
3600
604800
600 )
1-27.66.68.195.in-addr.arpa. IN NS srv-web.ebi-fr.com.
1.1-27.66.68.195.in-addr.arpa. IN PTR travaux.pratique.fr.
2.1-27.66.68.195.in-addr.arpa. IN PTR newsletter.ebi-fr.com.
...
30.1-27.66.68.195.in-addr.arpa. IN PTR gw.ebi-fr.com.
31.1-27.66.68.195.in-addr.arpa. IN PTR
host66-31.lan-ls.imaginet.fr.
And here is the log of my bind starting:
Jan 9 19:28:56 srv-web named[7805]: starting (/etc/named.conf). named
8.2.3-REL Sat Jan 27 05:11:05 EST 2001
^Iprospector at porky.devel.redhat.com:/usr/src/bs/BUILD/bind-8.2.3/src/bin/nam
ed
Jan 9 19:28:56 srv-web named[7805]: load: info: hint zone "" (IN)
loaded (serial 0)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"32-28.64.68.195.in-addr.arpa" (IN) loaded (serial 99375531)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"1-27.66.68.195.in-addr.arpa" (IN) loaded (serial 993755287)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"cfmp.tm.fr" (IN) loaded (serial 993757043)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"ebi-fr.com" (IN) loaded (serial 993755137)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"esf-editeur.fr" (IN) loaded (serial 993757224)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"groupe-strategies.fr" (IN) loaded (serial 993757379)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"groupe-strategies.com" (IN) loaded (serial 993757378)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone "lra.fr"
(IN) loaded (serial 993755125)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"pratique.fr" (IN) loaded (serial 993757597)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"strategies-online.com" (IN) loaded (serial 993757377)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"strategieseurope.com" (IN) loaded (serial 993757377)
Jan 9 19:28:56 srv-web named[7805]: load: info: master zone
"forum-emplois.com" (IN) loaded (serial 993757382)
Jan 9 19:29:19 srv-web named[7805]: load: info: slave zone
"rbl-plus.mail-abuse.org" (IN) loaded (serial 1010592879)
Jan 9 19:29:19 srv-web named[7805]: default: info: listening on
[195.68.66.4].53 (eth0)
Jan 9 19:29:19 srv-web named[7805]: default: info: Forwarding source
address is [0.0.0.0].53
Jan 9 19:29:19 srv-web named[7814]: security: info: group = 25
Jan 9 19:29:19 srv-web named[7814]: security: info: user = named
Jan 9 19:29:19 srv-web named[7814]: default: notice: Ready to answer
queries.
jan 9 19:29:19 srv-web named: named startup succeeded
Now why I say it don't work ?
- connecting to ftp sites takes a long time, just like if reverse dns
check didn't worked
- asking for reverse lookup of one address from an external host don't
work:
chr at gw:~$ nslookup 195.68.66.2
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 193.252.19.3
Address: 193.252.19.3#53
** server can't find 2.66.68.195.in-addr.arpa: SERVFAIL
whereas straight lookup works:
chr at gw:~$ nslookup newsletter.ebi-fr.com
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 193.252.19.3
Address: 193.252.19.3#53
Name: newsletter.ebi-fr.com
Address: 195.68.66.2
For those who prefer host:
chr at gw:~$ host 195.68.66.2
Nameserver not responding
195.68.66.2 PTR record not found, try again
chr at gw:~$ host newsletter.ebi-fr.com
newsletter.ebi-fr.com A 195.68.66.2
- and strangely my server don't feel being authoritative for the
sub-zones:
[root at srv-web /root]# dig @195.68.66.4 soa 0-28.66.68.195.in-addr.arpa.
; <<>> DiG 8.3 <<>> @195.68.66.4 soa 0-28.66.68.195.in-addr.arpa.
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;; 0-28.66.68.195.in-addr.arpa, type = SOA, class = IN
;; AUTHORITY SECTION:
66.68.195.in-addr.arpa. 10M IN SOA moria.imaginet.fr.
named-mgr.imaginet.fr. (
2001071901 ; serial
6H ; refresh
1H ; retry
1W ; expiry
10M ) ; minimum
;; Total query time: 4235 msec
;; FROM: srv-web.ebi-fr.com to SERVER: 195.68.66.4
;; WHEN: Wed Jan 9 19:36:56 2002
;; MSG SIZE sent: 45 rcvd: 108
moria.imaginet.fr is my ISP's dns server for 66.68.195.in-addr.arpa.
I feel it to be a bit long, but I hope I provided as much information as
possible to troubleshoot the issue.
Thanks to anybody who can help !!
Regards
--
Guillaume Laurès
Responsable Systèmes et Techniques - EBI
Tel [33](0)1 46 29 68 24
Mob [33](0)6 07 24 55 60
Fax [33](0)1 46 29 46 15
More information about the bind-users
mailing list