reverse lookups with dig for internal domains
Mark Andrews
Mark_Andrews at isc.org
Thu Sep 16 23:50:39 UTC 2004
> Hi all
>
> I have been scratching my head for the past two - three days to come
> to terms with an inexplicable (atleast it seems so to to me )
> behaviour of dig. Let me explain it ..
>
> We have an internal domain in the private ip space , which cannot be
> looked up from external world. When I do a dig -x <ip> from our
> internal name server
>
> say dig -x 10.1.1.1
>
> gives the host name right
>
> but the authority section is from the root zone
> -----------
> ;; AUTHORITY SECTION:
> 10.in-addr.arpa. 9h6m59s IN NS BLACKHOLE-1.IANA.ORG.
> 10.in-addr.arpa. 9h6m59s IN NS BLACKHOLE-2.IANA.ORG
>
> ------------
>
> When I follow that up with a qury like
>
> dig ns 1.1.10.in-addr.arpa
>
> I get the name servers right ( that of our internal domain )
>
> and now when I try to reverse lookup any ip in the internal domain
> the authority section of the answer is coming out absolutely right
> ever after .
>
> thoughts/comments ?
> Sai.
>
You made a reverse lookup for a 10.x.x.x address not in
10.1.1.x ~6.5 days ago and the cache has the NS records
for 10.in-addr.arpa as a result.
The NS records for 1.1.10.in-addr.arpa have timed out and
you still have the PTR record for 1.1.1.10.in-addr.arpa.
If this bothers you use a slave / stub zone for
1.1.10.in-addr.arpa.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list