Lame delegatoin in a reverse zone

Pete Ehlke pde at ehlke.net
Sat Jul 27 13:33:02 UTC 2002 

On Fri, Jul 26, 2002 at 03:48:54PM -0700, Michael Dodd wrote:
> 
> I'm kind of new to running a DNS server, and I'd like to do it right. 
> My reverse lookups are broken and I get lame server messages.  here's
> what my logs say when DNS loads:
> 
> dns_master_load: /var/named/204.200.42.80.rev:9: ignoring out-of-zone
> data (82.42.200.204.in-addr.arpa)
> dns_master_load: /var/named/204.200.42.80.rev:10: ignoring out-of-zone
> data (87.42.200.204.in-addr.arpa)
> 
> And when I try and lookup a PTR in that zone:
> lame server on '82.42.200.204.in-addr.arpa' (in
> '42.200.204.in-addr.arpa'?): 129.250.35.32#53
> 
> Here's the contents of the reverse zone file
> /var/named/204.200.42.80.rev
> $ttl 38400
> 80.42.200.204.in-addr.arpa.     IN      SOA     ns1.bgonet.com.
> binky.bgonet.com. (
>                         1027721348
>                         10800
>                         3600
>                         604800
>                         38400 )
> 80.42.200.204.in-addr.arpa.     IN      NS      ns1.bgonet.com.
> 87.42.200.204.in-addr.arpa.     IN      PTR     pr.bgonet.com.
> 
> What am I missing? This seems right to me, and I'd like to be a
> responsible sysadmin.

Well, either you've munged the error messages you posted or you've
munged the data file, since the messages show the server rejecting 
82.42.200.204.in-addr.arpa, which doesn't appear in the file you posted.
In this case, it turns out not to be important, but please post
complete and unedited data.

You defined the zone as 80.42.200.204.in-addr.arpa. What this means is
that you cannot serve 87.42.200.204.in-addr.arpa from this zone; it's
not part of the same name space. All you can do with
80.42.200.204.in-addr.arpa is serve records for 80.42.200.204.in-addr.arpa 
or child zones of it, such as silly.80.42.200.204.in-addr.arpa. In
practical terms, you probably want a zone that represents a subnet of
some size larger than a /32, but you have a zone that represents a host.

It's hard to see how it will ever work on the internet, though. verio
seems to be exceedingly confused about name service for this block.
200.204.in-addr.arpa. is delegated to ns0, ns1, and ns2.verio.net. Those
servers delegate 42.200.204.in-addr.arpa. to b.ns.verio.net and
t.ns.verio.net, which are lame. 

-Pete

More information about the bind-users mailing list