SBC reverse setup - revisited
Mark Andrews
Mark_Andrews at isc.org
Thu Sep 22 01:23:45 UTC 2005
> Content-Type: text/plain; charset="US-ASCII"
> Despite contrary views - I DO have reverse authority over my SBC assigned
> IP addresses:
>
> I am using a SuSE distributed linux, 9.2 Professional with bind 9.2.4-3
>
> I have x.x.x.120/29 authority, but SBC is telling me that I need to have
> an in-addr-arpa for .120 ??
>
> .121 is the slipstream dsl modem
> .122 is my first (usable) IP that is my firewall - I do NOT want DNS
> there
> .123 is my Name Server
>
> /etc/named.conf
>
> zone "29/120.x.x.x.in-addr-arpa" in {
> type master;
> file "db.x.x.x.120-29"
> };
>
> zone "123.x.x.x.in-addr-arpa" in {
> type master;
> file "db.x.x.x.123"
> };
>
> in /var/lib.named
>
> db.x.x.x.123
> ===usual===
> 123.x.x.x.in-addr-arpa. IN NS blah-blah.
> 123.x.x.x.in-addr-arpa. IN PTR more.blah-blah.
>
> db.x.x.x.120-29
> ===usual===
> 29/120.x.x.x.in-addr-arpa. IN NS blah-blah.
> 29/120.x.x.x.in-addr-arpa. IN PTR more.blah-blah.
>
> (Note - same "blah-blah" for both)
>
> I could abandon the "120-29 29/120" construct and replace with just 120
> but isn't this then assuming that .120 is my primary ?
>
> Am I missing something obvious ?
>
> Mail is/was working without being flagged "may be forged" which I used to
> get before I changed to this configuration, which dnsreport.com reports
> as a non-responsive server (and the backups have no authority).
>
> If I need to post full IP/domain, let me know...I'm just being paranoid.
Post the full IP addresses. There are lots of way it can
be done. The correct answer depends upon has SBC has set
things up. See RFC 2317.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list