RFC 2317 reverse DNS - have I done it right?

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Thu Feb 12 20:27:48 UTC 2004 

peter <peter at pandasys.co.uk> wrote:
> Finally found an ISP who knows how to do this, and set it up, but I'm
> confused with the result from DNSStuf.com below (IP range is
> 81.187.228.192/27)...

> 81.187.228.192 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (192.228.187.81.in-addr.arpa)
> 81.187.228.193 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (193.228.187.81.in-addr.arpa)
> 81.187.228.194 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (194.228.187.81.in-addr.arpa)
> 81.187.228.195 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (195.228.187.81.in-addr.arpa)
> 81.187.228.196 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (196.228.187.81.in-addr.arpa)
> 81.187.228.197 - PTR record does not exist
> 81.187.228.198 - PTR record does not exist
> 81.187.228.199 - PTR record does not exist
> 81.187.228.200 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (200.228.187.81.in-addr.arpa)
> 81.187.228.201 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (201.228.187.81.in-addr.arpa)
> 81.187.228.202 - BOGUS [success=1 timeout=0 rcode=0 ancount=2
> type=CNAME] (202.228.187.81.in-addr.arpa)
> 81.187.228.203 - PTR record does not exist
> etc

> I was expecting to see the machine names at the addresses wit hthe
> BOGUS lines.
> A reverse lookup with dig gives me this result...

> %dig -x 81.187.228.196

> ; <<>> DiG 9.2.1 <<>> -x 81.187.228.196
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34887
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0

> ;; QUESTION SECTION:
> ;196.228.187.81.in-addr.arpa.   IN      PTR

> ;; ANSWER SECTION:
> 196.228.187.81.in-addr.arpa. 3600 IN    CNAME  
> 196.192-223.228.187.81.in-addr.arpa.
> 196.192-223.228.187.81.in-addr.arpa. 3600 IN PTR mx1.pandasys.net.

> ;; AUTHORITY SECTION:
> 192-223.228.187.81.in-addr.arpa. 3600 IN NS     ns0.gradwell.com.
> 192-223.228.187.81.in-addr.arpa. 3600 IN NS     ns1.pandasys.net.

> ;; Query time: 351 msec
> ;; SERVER: 10.69.0.1#53(10.69.0.1)
> ;; WHEN: Thu Feb 12 09:52:24 2004
> ;; MSG SIZE  rcvd: 149

> So the reverse lookup is working ok, but have I done something wrong?
> Just for completeness, here's the reverse zone file...

> ;;      $ORIGIN 192-223.228.187.81.in-addr.arpa.
> $TTL    3600
> @       IN      SOA     ns1.pandasys.net.       admin.pandasys.net. (
>                                 2004021001      ; serial
>                                 7200            ; refresh 
>                                 3600            ; retry
>                                 4W              ; expire
>                                 1D )            ; minimum 
>  
>                 NS      ns1.pandasys.net.
>                 NS      ns0.gradwell.com.

> 193     PTR     router.pandasys.net.
> 194     PTR     pennan.pandasys.net.
> 195     PTR     ns1.pandasys.net.
> 196     PTR     mx1.pandasys.net.

> 200     PTR     www.pandasys.net.
> 201     PTR     webmail.pandasys.net.
> 202     PTR     music.pandasys.net.

> Thanks for any advice,
> Peter

It looks ok for me ( apart from the fact that you got it wrong with 
"$TTL" vs. "Negative cache". The above snippets says "cache valid data
for 1 h but cache invalid(nonexistent) data for a day. The opposit
should make more sense.

I guess that the tool from DNSStuf.com is somewhat confused ...



-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list