Selective forwarding for reverse zones?

Treptow, Craig Treptow.Craig at principal.com
Tue Apr 11 15:22:14 UTC 2000


Thanks for the help so far.

If it helps, the sections from the foobar.com's named.conf are:

zone "foobar.com" IN {
        type master;
        file "db.foobar.com";
        allow-update { none; };
        allow-transfer { any; };
};

zone "40.168.192.in-addr.arpa" IN {
        type master;
        file "db.192.168.40";
        allow-update { none; };
        allow-transfer { any; };
};

It works fine both ways.  I have also removed the offending lines in the
db.192.168 file on the "nameserver1" machine.  Its db.192.168 currently has
nothing with:

$ORIGIN 40.168.192.in-addr.arpa.

The behavior stays the same, i.e. this still does not work on "nameserver1":

# nslookup craig.foobar.com
Server:  nameserver1.principal.com
Address:  192.168.34.5

Non-authoritative answer:
Name:    craig.foobar.com
Address:  192.168.40.26

# nslookup 192.168.40.26
Server:  nameserver1.principal.com
Address:  192.168.34.5

*** nameserver1.principal.com can't find 192.168.40.26: Non-existent host/domain
# 

Any other thoughts?  

-----Original Message-----
From: Barry Margolin [mailto:barmar at genuity.net]
Sent: Tuesday, April 11, 2000 9:53 AM
To: comp-protocols-dns-bind at moderators.isc.org
Subject: Re: Selective forwarding for reverse zones?


In article
<93D3D41C8EB4D2119C4200805F9F496107C33030 at pfgdsmmsg010.principal.com>,
Treptow, Craig <Treptow.Craig at principal.com> wrote:
>Where this is in the "nameserver1" machine's /etc/named.conf:
>
>zone "foobar.com" IN {
>        type forward;
>        forward only;
>        forwarders { 192.168.40.201; };
>};
>
>zone "40.168.192.in-addr.arpa" IN {
>        type forward;
>        forward only;
>        forwarders { 192.168.40.201; };
>};
>
>And this is a small section of the db.foobar.com:
>
>treptow         IN      CNAME   craig.foobar.com.
>craig           IN      A       192.168.40.26
>
>And this is a small section of the db.192.168 on the foobar.com server:
>
>26.40           IN      PTR     craig.foobar.com.
>
>The "nameserver1" machine also has this in its db.192.168:
>
>$ORIGIN 40.168.192.in-addr.arpa.
>12      1200    IN      PTR     dom2.root.principal.com.        ;Cl=4
>100     1200    IN      PTR     root.root.principal.com.        ;Cl=4
>170     1200    IN      PTR     pfgw2k.pfgusa.root.principal.com.       ;Cl=4
>105     1200    IN      PTR     dom2.root.principal.com.        ;Cl=4
>106     1200    IN      PTR     wtsw2k.root.principal.com.      ;Cl=4
>190     1200    IN      PTR     root.w2kpilot.local.    ;Cl=4
>152     1200    IN      PTR     term1.root.principal.com.       ;Cl=4
>166     1200    IN      PTR     CLUSTER1.root.principal.com.    ;Cl=4

These lines should all be ignored, because you have 40.168.192.in-addr.arpa
set to forward.  That means that lookups for anything ending with
.40.168.192.in-addr.arpa should be forwarded.

>I'd like to be able to lookup 192.168.40.26 on the "nameserver1" machine and
>get back craig.foobar.com.

What you posted seems like it should do that.  Maybe the overlap between
the forwarding zone and the entries in db.192.168 is confusing it,
though.  Get rid of the above zone file entries, since 192.168.40.201 is
supposed to be handling all reverse DNS for 192.168.40.x.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the
group.
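
The reply above suggests removing db.192.168 entries that fall under the forwarded zone. One way to list such entries, as an added example that is not part of the original thread: the function names are hypothetical, the zone text is a constructed sample, and the parser assumes one record per line (no parenthesised multi-line records).

```python
def fqdn(name, origin):
    """Expand a zone-file owner name against the current $ORIGIN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def in_zone(name, zone):
    """True if name is the zone apex or below it (whole labels only)."""
    name, zone = name.lower(), zone.lower()
    return name == zone or name.endswith("." + zone)


def overlapping_owners(zone_text, default_origin, forwarded_zone):
    """Return owner names in zone_text that lie inside forwarded_zone."""
    origin, owner, hits = default_origin, None, []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]          # drop trailing comment
        fields = line.split()
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fqdn(fields[1], origin)
            continue
        if fields[0].startswith("$"):        # $TTL, $INCLUDE: not handled here
            continue
        if not raw[0].isspace():             # leading blank = same owner as before
            owner = fqdn(fields[0], origin)
        if owner and in_zone(owner, forwarded_zone):
            hits.append(owner)
    return hits


# Constructed sample modelled on the db.192.168 fragments quoted in the thread.
SAMPLE_DB = """\
5.34    IN      PTR     nameserver1.principal.com.
$ORIGIN 40.168.192.in-addr.arpa.
12      1200    IN      PTR     dom2.root.principal.com.        ;Cl=4
100     1200    IN      PTR     root.root.principal.com.        ;Cl=4
$ORIGIN 140.168.192.in-addr.arpa.
7       1200    IN      PTR     host7.example.
"""

if __name__ == "__main__":
    for name in overlapping_owners(SAMPLE_DB, "168.192.in-addr.arpa.",
                                   "40.168.192.in-addr.arpa."):
        print("inside forwarded zone:", name)
```

The 140.168.192.in-addr.arpa record is in the sample to show that matching is done on whole labels, so it is not reported as part of 40.168.192.in-addr.arpa.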



