second reply ... still need help Re: Verizon problems - what else is new
Kevin Darcy
kcd at daimlerchrysler.com
Fri Jan 16 01:49:51 UTC 2004
Jeff Lasman wrote:
>The frist time I responded only to Mark <frown>, so now I'm responding
>to the list. Sorry, Mark.
>
>On Tuesday 13 January 2004 02:19 pm, Mark_Andrews at isc.org wrote:
>
>
>
>> The reverse and forward records do not match.
>>
>>
>
>We're getting reverse DNS from our (small) connection provider. They
>run all their DNS on a Cobalt RaQ2 server running bind 8.2.3. It's
>unlikely they can update this, at least not in the short term <frown>.
>
>They don't know how to fix this, so I'm hoping someone here will.
>
>Here's a segment from their zone file (with the first two lines on one
>line):
>
><snip>
>@ IN SOA ns1.dnssys.com. root.ns1.dnssys.com. ( 2004011414 10800 3600
>604800 86400 )
> IN NS ns1.dnssys.com.
>155 in ptr ns1.dnssys.com.
></snip>...<snip>
>200 in ptr raq41.provincetowndesign.com.
>201 in ptr raq41.provincetowndesign.com.
></snip>
>
>The relevant contents of the /etc/named.conf file (on one line) are as
>follows:
>
><snip>
>zone "128/25.240.58.65.in-addr.arpa" { type master; file
>"pri.128-25.240.58.65.i
>n-addr.arpa"; };
></snip>
>
The name of the zone has no slashes in it:
% dig -x 65.58.240.200 ptr
; <<>> DiG 9.2.2rc1 <<>> -x 65.58.240.200 ptr
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28181
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;200.240.58.65.in-addr.arpa. IN PTR
;; ANSWER SECTION:
200.240.58.65.in-addr.arpa. 3600 IN CNAME
200.128-255.240.58.65.in-addr.arpa.
200.128-255.240.58.65.in-addr.arpa. 65334 IN PTR
raq41.provincetowndesign.com.
;; AUTHORITY SECTION:
128-255.240.58.65.in-addr.arpa. 73335 IN NS ns-europe.dnssys.com.
;; ADDITIONAL SECTION:
ns-europe.dnssys.com. 159613 IN A 81.90.35.13
;; Query time: 17 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 15 20:45:49 2004
;; MSG SIZE rcvd: 159
%
>
>As I understand it (and my understanding may very well be faulty) they
>have to name it that way, because otherwise they can't get the
>delegation from _their- parent.
>
>And as I also understand it, any manual changes they'd make (i.e.,
>$ORIGIN) to the zone file would get overwritten by the RaQ's automatic
>DNS handling.
>
>Am I between a rock and a hard place here? If so, perhaps I can get
>them to delegate it to me, I handle DNS manually.
>
>The machine in question has 19 non-contiguous IP#s and is NOT on a
>subnet; is there a way for them to delegate individual IP#s to me for
>reverse DNS? Or should I just offer to do all their reverse DNS for
>them (I'm willing if it'll solve the problem, which I'm sure some of
>their clients must be having as well).
>
If your direct provider can't change these records, then I guess someone
will have to talk to the upstream provider (Level 3) about either
delegating one or more /24 reverse zones to your box (with your direct
provider's permission, of course), or just repoint the aliases for your
specific IPs to names that you control.
- Kevin
More information about the bind-users
mailing list