BIND9.3 zonename Problem
jesk
jesk at killall.org
Sun Oct 31 12:19:17 UTC 2004
Hello,
i just configured a classles Reverse Delegation from BIND8 to BIND9.3.
the zonename on the BIND9.3 (ns0.example.com) system is
"224-239.xxx.xxx.xxx.in-addr.arpa".
i configured the zone as follows:
---
zone "224-239.xxx.xxx.xxx.in-addr.arpa" {
type master;
file "master/224-239.xxx.xxx.xxx.in-addr.arpa";
allow-query { any; };
};
---
the zone itself looks like this:
---
$TTL 18000
@ IN SOA ns0.example.com. hostmaster.example.com. (
2004103009 ; Serial number
3H ; Refresh every 3 hours
15M ; Retry after 15 Minutes
1W ; Expire after 1 week
4H ) ; Minimum 4 hourse
IN NS ns0.example.com.
IN NS ns1.example.com.
225 IN PTR ns0.example.com.
226 IN PTR mx0.example.com.
227 IN PTR www.example.com.
---
now i recognized that resolving a ip of the subnet directly from
ns0.example.com wont work:
---
"host xxx.xxx.xxx.227 ns0.example.com"
"Host 227.xxx.xxx.xxx.in-addr.arpa not found: 5(REFUSED)"
---
On ns0.example.com BIND9.3 says:
---
"named[53719]: client x.x.x.x#58160: query (cache) '
227.xxx.xxx.xxx.in-addr.arpa/PTR/IN' denied"
---
It seems that ns0.example.com doesnt feel authoritativ for the zone,
cause when setting allow-query { any; }; globally then resolving from
a other bind9.3 resolver will work but from a bind8 resolver it wont...
Am i totally stupid or whats going on there?
More information about the bind-users
mailing list