CIDR in-addr.arpa problem
Kevin Darcy
kcd at chrysler.com
Tue Mar 16 20:31:18 UTC 2010
What do the CNAMEs look like in 33.168.192.in-addr.arpa, or, if that's
not a delegated zone, the closest-enclosing zone of that?
- Kevin
On 3/16/2010 3:19 PM, Lister wrote:
> Hello all,
>
> I have a problem with a CIDR IN-ADDR.ARPA delegation of a /28 netblock.
> Domain names and IP numbers have been edited for privacy purposes.
>
> I've had my local ISP make me a CIDR in-addr.arpa delegation for the
> block
> 192.168.33.112/28 to my name servers:
> ns1.mydomain.dom
> ns2.mydomain.dom
>
> on my BIND-9.6.0-P1 I did the following:
>
> in named.conf:
> --------------
> zone "112/28.33.168.192.in-addr.arpa" {
> type master;
> file "master/112-28.33.168.192.rev";
> allow-query { any; };
> allow-transfer { affilates; }; //irrelevant to the topic in
> question
> notify yes;
> };
>
> in master/112-28.33.168.192.rev:
> --------------------------------
> $ORIGIN 112/28.33.168.192.in-addr.arpa.
> $TTL 3600 ; 1 hour
> @ IN SOA ns1.mydomain.dom. hostmaster.mydomain.dom. (
> 2010031600 ; serial
> 15m ; refresh
> 10m ; retry
> 1d ; expire
> 60 ; -ve cache ttl
> )
> $TTL 1d
> @ NS ns1.mydomain.dom.
> @ NS ns2.mydomain.dom.
> $TTL 30
> 113 PTR host1.mydomain.dom.
> 114 PTR host2.mydomain.dom.
> ;.
> ;.
> 126 PTR hostN.mydomain.dom.
>
> To the best on my knowledge, the above config is correct. However BIND
> responds to PTR queries authoritatively with NXDOMAIN, and, AFTER
> FORWARDING. It gives the same query respone for anything in the /24
> (class C) network, not only my /28.
> Naturally, it should NOT forward; and if it does, it should NOT
> respond authoritatively.
>
> Using a '-' instead of '/' in the config files made no difference.
> I tried this on BIND-9.6.0-P1 on FreeBSD-7.1 and BIND-9.4.3-P3 on
> CentOS 5.3 with the same results.
>
> BIND 9.6 was built in a standard way as FreeBSD port. This is how it
> was as obtained from syslog:
> built with '--localstatedir=/var' '--disable-linux-caps'
> '--with-randomdev=/dev/random' '--with-openssl=/usr'
> '--with-libxml2=/usr/local' '--without-idn' '--enable-threads'
> '--sysconfdir=/etc/namedb' '--prefix=/usr' '--mandir=/usr/share/man'
> '--infodir=/usr/share/info/' '--build=x86_64-portbld-freebsd7.1'
> 'build_alias=x86_64-portbld-freebsd7.1' 'CC=cc' 'CFLAGS=-O2
> -fno-strict-aliasing -pipe' 'LDFLAGS= -rpath=/usr/lib:/usr/local/lib'
> 'CXX=c++' 'CXXFLAGS=-O2 -fno-strict-aliasing -pipe'
>
>
> Please tell me if I did something wrong or it's a BIND problem and if
> so, if there's a workaround.
>
> Kind regards,
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
More information about the bind-users
mailing list