BIND9.3 zonename Problem

Sun Oct 31 12:19:17 UTC 2004

Hello,

i just configured a classles Reverse Delegation from BIND8 to BIND9.3.
the zonename on the BIND9.3 (ns0.example.com) system is
"224-239.xxx.xxx.xxx.in-addr.arpa".
i configured the zone as follows:
---
zone "224-239.xxx.xxx.xxx.in-addr.arpa" {
        type master;
        file "master/224-239.xxx.xxx.xxx.in-addr.arpa";
        allow-query { any; };
};
---
the zone itself looks like this:
---
$TTL                            18000
@  IN SOA  ns0.example.com.  hostmaster.example.com. (
                                2004103009  ; Serial number
                                3H                 ; Refresh every 3 hours
                                15M              ; Retry after 15 Minutes
                                1W                ; Expire after 1 week
                                4H )               ; Minimum 4 hourse

        IN      NS      ns0.example.com.
        IN      NS      ns1.example.com.

225     IN      PTR     ns0.example.com.
226     IN      PTR     mx0.example.com.
227     IN      PTR     www.example.com.
---

now i recognized that resolving a ip of the subnet directly from
ns0.example.com wont work:
---
"host xxx.xxx.xxx.227 ns0.example.com" 
"Host 227.xxx.xxx.xxx.in-addr.arpa not found: 5(REFUSED)"
---
On ns0.example.com BIND9.3 says:
---
"named[53719]: client x.x.x.x#58160: query (cache) '
227.xxx.xxx.xxx.in-addr.arpa/PTR/IN' denied"
---

It seems that ns0.example.com doesnt feel authoritativ for the zone,
cause when setting allow-query { any; }; globally then resolving from
a other bind9.3 resolver will work but from a bind8 resolver it wont...
Am i totally stupid or whats going on there?