RFC 2317 reverse DNS - have I done it right?
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Thu Feb 12 20:27:48 UTC 2004
peter <peter at pandasys.co.uk> wrote:
> Finally found an ISP who knows how to do this, and set it up, but I'm
> confused with the result from DNSStuf.com below (IP range is
> 81.187.228.192/27)...
> 81.187.228.192 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (192.228.187.81.in-addr.arpa)
> 81.187.228.193 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (193.228.187.81.in-addr.arpa)
> 81.187.228.194 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (194.228.187.81.in-addr.arpa)
> 81.187.228.195 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (195.228.187.81.in-addr.arpa)
> 81.187.228.196 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (196.228.187.81.in-addr.arpa)
> 81.187.228.197 - PTR record does not exist
> 81.187.228.198 - PTR record does not exist
> 81.187.228.199 - PTR record does not exist
> 81.187.228.200 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (200.228.187.81.in-addr.arpa)
> 81.187.228.201 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (201.228.187.81.in-addr.arpa)
> 81.187.228.202 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (202.228.187.81.in-addr.arpa)
> 81.187.228.203 - PTR record does not exist
> etc
> I was expecting to see the machine names at the addresses wit hthe
> BOGUS lines.
> A reverse lookup with dig gives me this result...
> %dig -x 81.187.228.196
> ; <<>> DiG 9.2.1 <<>> -x 81.187.228.196
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34887
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;196.228.187.81.in-addr.arpa. IN PTR
> ;; ANSWER SECTION:
> 196.228.187.81.in-addr.arpa. 3600 IN CNAME
> 196.192-223.228.187.81.in-addr.arpa.
> 196.192-223.228.187.81.in-addr.arpa. 3600 IN PTR mx1.pandasys.net.
> ;; AUTHORITY SECTION:
> 192-223.228.187.81.in-addr.arpa. 3600 IN NS ns0.gradwell.com.
> 192-223.228.187.81.in-addr.arpa. 3600 IN NS ns1.pandasys.net.
> ;; Query time: 351 msec
> ;; SERVER: 10.69.0.1#53(10.69.0.1)
> ;; WHEN: Thu Feb 12 09:52:24 2004
> ;; MSG SIZE rcvd: 149
> So the reverse lookup is working ok, but have I done something wrong?
> Just for completeness, here's the reverse zone file...
> ;; $ORIGIN 192-223.228.187.81.in-addr.arpa.
> $TTL 3600
> @ IN SOA ns1.pandasys.net. admin.pandasys.net. (
> 2004021001 ; serial
> 7200 ; refresh
> 3600 ; retry
> 4W ; expire
> 1D ) ; minimum
>
> NS ns1.pandasys.net.
> NS ns0.gradwell.com.
> 193 PTR router.pandasys.net.
> 194 PTR pennan.pandasys.net.
> 195 PTR ns1.pandasys.net.
> 196 PTR mx1.pandasys.net.
> 200 PTR www.pandasys.net.
> 201 PTR webmail.pandasys.net.
> 202 PTR music.pandasys.net.
> Thanks for any advice,
> Peter
It looks ok for me ( apart from the fact that you got it wrong with
"$TTL" vs. "Negative cache". The above snippets says "cache valid data
for 1 h but cache invalid(nonexistent) data for a day. The opposit
should make more sense.
I guess that the tool from DNSStuf.com is somewhat confused ...
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list