Problem with recursive name server
Mark Andrews
marka at isc.org
Sun Jun 10 04:58:10 UTC 2012
In message <F98496E3-CA16-4C5C-8F04-18EE49D20FB7 at commobil.de>, Mike Bobkiewicz
writes:
> HI all,
> first Eduardo:
> I did an upgrade with the mentioned package to 9.9.1 P1, it=B4s now up and =
> running but doesn=B4t fix the problem.
> I have to correct one thing: It=B4s not a 10.6 client system it=B4s a 10.7.=
> 4 Server system, this is important because the client running this server d=
> oes configure bind with Apple=B4s Admin Tools. When something doesn=B4t wor=
> k he calls me and I log in via ssh and try to figure out what=B4s wrong. Te=
> lling the truth: I like vi very much...
>
> Am 08.06.2012 um 22:13 schrieb Chuck Swiger:
>
> > Hi--
> > =
>
> > On Jun 8, 2012, at 1:08 PM, Mike Bobkiewicz wrote:
> >> we are running an authorative name server for some domains. After some t=
> ime our ISP has now delegated the reverse name lookups to our server. We ar=
> e running bind 9.7.3 on Mac OS X 10.6 and are not able to bring the reverse=
> name lookups to life. The master db-file is loaded and we to set the allo=
> w-recursive { any; }; option in the named.conf but it still doesn=B4t work.=
> We are getting RFC 1912 2.1 with some mail servers which is the biggest pr=
> oblem. Which additional options must be set in the named.conf to make the r=
> everse name lookups for our domains work?
> > =
>
> > Mailservers doing a double-reverse lookup try to validate that your IP ha=
> s a PTR record which returns a name that a normal forward lookup finds, and=
> gives back the original IP.
> > =
>
> > Give us an example of a bad hostname or IP, and we can probably tell you =
> what aspect isn't working right...
> > =
>
> Sorry, was late last night for me so here are some parts of the configurati=
> on:
> /etc/named.conf
> include "/etc/rndc.key";
> options {
> directory "/var/named";
> listen-on-v6 port 53 {
> "none";
> };
> allow-recursion {
> any;
> };
> allow-transfer {
> none;
> };
> };
> controls {
> inet 127.0.0.1 port 54 allow {
> "any";
> } keys {
> "rndc-key";
> };
> };
> acl "com.apple.ServerAdmin.DNS.public" {
> any;
> };
> logging {
> channel _default_log {
> file "/Library/Logs/named.log";
> severity info;
> print-time yes;
> };
> category "default" {
> "_default_log";
> };
> };
> view "com.apple.ServerAdmin.DNS.public" {
> zone "0.0.127.in-addr.arpa" IN {
> type master;
> file "named.local";
> allow-update {
> none;
> };
> };
>
> ... around 15 working master zones
>
> zone "95.191.213.in-addr.arpa" IN {
> type master;
> file "db.95.191.213.in-addr.arpa";
> allow-transfer {
> com.apple.ServerAdmin.DNS.public;
> };
> allow-update {
> none;
> };
> };
> };
> };
The ISP has delegated "0/27.95.191.213.in-addr.arpa" not
"95.191.213.in-addr.arpa" to you. You need to be serving
"0/27.95.191.213.in-addr.arpa".
You should be slaving "95.191.213.in-addr.arpa" so that you have
the CNAME records available locally for when the external link is
down and have "0/27.95.191.213.in-addr.arpa" as a master.
zone 95.191.213.in-addr.arpa {
type slave;
file "db.95.191.213.in-addr.arpa";
masters { 213.191.73.65; 213.191.74.20; };
};
zone 0/27.95.191.213.in-addr.arpa {
type master;
file "db.0.95.191.213.in-addr.arpa";
};
> The lines of question in the db-file:
> 10800 IN NS ns1.hektor.de.
> 10800 IN NS ns2.hansenet.de.
> 3.95.191.213.in-addr.arpa. 10800 IN PTR mailserver.hektor.d=
> e.
>
> The name of the server is ns1.hektor.de.
> Trying to send an email to a server trying to get the PTR record the sender=
> receives an "Undelivered Mail..." mail with this:
> 550 inconsistent or
> no DNS PTR record for 213.191.95.3 (see RFC 1912 2.1) (in reply to RCPT =
> TO
> command)
>
> Hope this helps to clear out the problem
>
> Best regards,
>
> Mike
> =
>
> > Regards,
> > -- =
>
> > -Chuck
> > =
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscri=
> be from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list