CIDR is killing my nerves (212.in-addr.arpa not delegated or I'm bonkers)

David Tonhofer david.tonhofer at synapse.lu
Mon Mar 5 19:37:34 UTC 2001 

>> Getting to it ;-)

> Getting done by it

All your base are belong to us!

> Hmm..just tested it. I put the 176 into zone
"176.168.232.212.in-addr-apra"
> blahblah and this is what happened when I restarted named. all fine til
now.
>
> Mar  5 20:54:28 homer named[31324]: master zone "0.0.127.in-addr.apra"
(IN)
> loaded (serial 22)


Did you copy this from the screen? Looks like a typo here!!!


> Mar  5 20:54:28 homer named[31324]: master zone "belfin.ch" (IN) loaded
> (serial 3)
> Mar  5 20:54:28 homer named[31324]: master zone
> "176.168.232.212.in-addr.arpa" (IN) loaded (serial 3)
> Mar  5 20:54:28 homer named[31324]: listening on [212.232.168.181].53
(eth0)
>
> Now doing a nslookup to www.belfin.ch. after a few seconds I get this:
>
> homer:/var/named/belfin # nslookup www.belfin.ch
> *** Can't find server name for address 212.232.168.181: Non-existent
> host/domain
> *** Default servers are not available
> homer:/var/named/belfin #


Ok, let's do a full reverse lookup for an address 212.232.168.182,
ie. www.belfin.ch

*** Start nearly at the top ***

$ dig @a.root-servers.net 212.in-addr.arpa. SOA

  ;; AUTHORITY SECTION:
  212.in-addr.arpa.       518400  IN      NS      NS.RIPE.NET.
  212.in-addr.arpa.       518400  IN      NS      NS.EU.NET.

*** Good..Down one ***

$ dig @ns.eu.net 212.in-addr.arpa. SOA

  ;; AUTHORITY SECTION:
  212.in-addr.arpa.       7200    IN      SOA     ns.ripe.net. ops.ripe.net.

*** Steady...stay with the server ***

$ dig @ns.eu.net 232.212.in-addr.arpa.

  ;; AUTHORITY SECTION:
  212.in-addr.arpa.       7200    IN      SOA     ns.ripe.net. ops.ripe.net

*** Good...stay with the server ***

$ dig @ns.eu.net 168.232.212.in-addr.arpa.

  ;; AUTHORITY SECTION:
  212.in-addr.arpa.       7200    IN      SOA     ns.ripe.net. ops.ripe.net

*** Uhhh...NOT good!!!
    Somehow the whole zone 212.in-addr.arpa. stays with ns.ripe.net.
    There is no delegation of reverse lookup at all! If I'm not completely
    mistaken, this is seriously messed up. Somebody should be doing
something about
    this.

> Now I believe that the ISP must delegate first the belfin.ch zone to my
dns
> and then this will work. Is my assumption right?

No.

>> >> dnsadmin.synapse.lu. (
>> >>                 2001020410 28800 7200 604800 86400 )
>> >>                 IN      NS      dns1.synapse.lu.
>> >>                 IN      NS      dns2.synapse.lu.
>> >> $ORIGIN 224.217.154.194.in-addr.arpa.
>> >> 225             IN      PTR     dns1.synapse.lu.
>> >> 226             IN      PTR     wk1.synapse.lu
>> >> 227             IN      PTR     wk2.synapse.lu.
>> >> etc...
>> >
>> > But this is your slave dns here.
>>
>> No, this baby is the master. And it's got at authorithy for
>> the zone "224.217.154.194.in-addr.arpa", so it can respond
>> to PTR queries for

> Hmmm? Why do you have $ORIGIN entries in your reverse lookup master zone?
I
> don't have.


Check out the manual: it's just a shorthand, you factor out the owner of
the subsequent zones.


>> 225.224.217.154.194.in-addr.arpa.
>> 226.224.217.154.194.in-addr.arpa.
>> 227.224.217.154.194.in-addr.arpa.
>>
>> etc...which are 'specially fixed (by the provider)' zone names,
>> of course and not zones derived from actual IP addresses.
>>
>> I hope I'm explaining this correctly. I'm self-taught here.

> Thanx
> Philipp



Best of luck,

	-- David

More information about the bind-users mailing list