Problem with Classless IN-ADDR.ARPA delegation

Johnny Damtoft dns at named.dk
Thu Jan 10 16:59:23 UTC 2002 

Hi :)

I can see that there has been some writing about this, to help i send a zone
that runs IRL.

So, if you want to see how it is, just do a dig @dns1.ocnet.dk ...

Hope it helps :)

/ Johnny


------------

;
; /etc/dns/129.142.170.128_27.rev - reverse lookup for 129.142.170.128/27
(32 ip addys / 128-159)
;
$TTL 1800
$ORIGIN 129-158.170.142.129.in-addr.arpa.
129-158.170.142.129.in-addr.arpa.       IN      SOA     dns1.ocnet.dk.
hostmaster.ocnet.dk. (
                        2002010801
                        16384
                        2048
                        1209600
                        2560 )

@                       IN      NS      dns1.ocnet.dk.
@                       IN      NS      dns2.ocnet.dk.
@                       IN      NS      dns3.ocnet.dk.

129                     IN      PTR     gateway.prcdata.dk.
131                     IN      PTR     www.prcdata.dk.
132                     IN      PTR     shop.prcdata.dk.
133                     IN      PTR     betaling.prcdata.dk.
137                     IN      PTR     bsd.skrog.dk.
145                     IN      PTR     dns2.ocnet.dk.
149                     IN      PTR     ns.kh-websupport.dk.
150                     IN      PTR     ns2.kh-websupport.dk.
152                     IN      PTR     psa01.ocnet.dk.
158                     IN      PTR     old-psa01.ocnet.dk.

------------

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
Behalf Of Guillaume Laurès
Sent: Wednesday, January 09, 2002 8:42 PM
To: bind-users at isc.org
Subject: Problem with Classless IN-ADDR.ARPA delegation


Hello to everybody,

I used to have a working config for classless delegation, but now it
doesn't work anymore (worked about 5 monthes).
I didn't change the config (as far as I remember), did not upgrade bind
(or maybe ?).
Well, I don't remember what could have caused the trouble since I made
some changes some time ago but I discovered the problem only now.

Here is the setup: I have the 195.68.66.0/28 subnet delegated from my
ISP (have other w/ the same problem but let's keep it simple), and we
have choosed to run our own name server on those addresses

bind version is :
[root at srv-web /root]# named -v
named 8.2.3-REL Sat Jan 27 05:11:05 EST 2001

prospector at porky.devel.redhat.com:/usr/src/bs/BUILD/bind-8.2.3/src/bin/named



I have the following config in named.conf:
zone "32-28.64.68.195.in-addr.arpa" {
        type master;
        file "195.68.64.32-28.rev";
        };



The zone file looks like this:
$ttl 600
1-27.66.68.195.in-addr.arpa.    IN      SOA     srv-web.ebi-fr.com.
administrateur.ebi-fr.com. (
                        993755287
                        21600
                        3600
                        604800
                        600 )
1-27.66.68.195.in-addr.arpa.    IN      NS      srv-web.ebi-fr.com.
1.1-27.66.68.195.in-addr.arpa.  IN      PTR     travaux.pratique.fr.
2.1-27.66.68.195.in-addr.arpa.  IN      PTR     newsletter.ebi-fr.com.
...
30.1-27.66.68.195.in-addr.arpa. IN      PTR     gw.ebi-fr.com.
31.1-27.66.68.195.in-addr.arpa. IN      PTR
host66-31.lan-ls.imaginet.fr.



And here is the log of my bind starting:
Jan  9 19:28:56 srv-web named[7805]: starting (/etc/named.conf).  named
8.2.3-REL Sat Jan 27 05:11:05 EST 2001
^Iprospector at porky.devel.redhat.com:/usr/src/bs/BUILD/bind-8.2.3/src/bin/nam
ed
Jan  9 19:28:56 srv-web named[7805]: load: info: hint zone "" (IN)
loaded (serial 0)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"32-28.64.68.195.in-addr.arpa" (IN) loaded (serial 99375531)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"1-27.66.68.195.in-addr.arpa" (IN) loaded (serial 993755287)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"cfmp.tm.fr" (IN) loaded (serial 993757043)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"ebi-fr.com" (IN) loaded (serial 993755137)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"esf-editeur.fr" (IN) loaded (serial 993757224)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"groupe-strategies.fr" (IN) loaded (serial 993757379)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"groupe-strategies.com" (IN) loaded (serial 993757378)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone "lra.fr"
(IN) loaded (serial 993755125)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"pratique.fr" (IN) loaded (serial 993757597)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"strategies-online.com" (IN) loaded (serial 993757377)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"strategieseurope.com" (IN) loaded (serial 993757377)
Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
"forum-emplois.com" (IN) loaded (serial 993757382)
Jan  9 19:29:19 srv-web named[7805]: load: info: slave zone
"rbl-plus.mail-abuse.org" (IN) loaded (serial 1010592879)
Jan  9 19:29:19 srv-web named[7805]: default: info: listening on
[195.68.66.4].53 (eth0)
Jan  9 19:29:19 srv-web named[7805]: default: info: Forwarding source
address is [0.0.0.0].53
Jan  9 19:29:19 srv-web named[7814]: security: info: group = 25
Jan  9 19:29:19 srv-web named[7814]: security: info: user = named
Jan  9 19:29:19 srv-web named[7814]: default: notice: Ready to answer
queries.
jan  9 19:29:19 srv-web named: named startup succeeded



Now why I say it don't work ?
- connecting to ftp sites takes a long time, just like if reverse dns
check didn't worked
- asking for reverse lookup of one address from an external host don't
work:
chr at gw:~$ nslookup 195.68.66.2
Note:  nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead.  Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server:         193.252.19.3
Address:        193.252.19.3#53

** server can't find 2.66.68.195.in-addr.arpa: SERVFAIL



whereas straight lookup works:
chr at gw:~$ nslookup newsletter.ebi-fr.com
Note:  nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead.  Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server:         193.252.19.3
Address:        193.252.19.3#53

Name:   newsletter.ebi-fr.com
Address: 195.68.66.2



For those who prefer host:
chr at gw:~$ host 195.68.66.2
Nameserver not responding
195.68.66.2 PTR record not found, try again

chr at gw:~$ host newsletter.ebi-fr.com
newsletter.ebi-fr.com   A       195.68.66.2



- and strangely my server don't feel being authoritative for the
sub-zones:
[root at srv-web /root]# dig @195.68.66.4 soa 0-28.66.68.195.in-addr.arpa.

; <<>> DiG 8.3 <<>> @195.68.66.4 soa 0-28.66.68.195.in-addr.arpa.
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;;	0-28.66.68.195.in-addr.arpa, type = SOA, class = IN

;; AUTHORITY SECTION:
66.68.195.in-addr.arpa.  10M IN SOA  moria.imaginet.fr.
named-mgr.imaginet.fr. (
					2001071901	; serial
					6H		; refresh
					1H		; retry
					1W		; expiry
					10M )		; minimum


;; Total query time: 4235 msec
;; FROM: srv-web.ebi-fr.com to SERVER: 195.68.66.4
;; WHEN: Wed Jan  9 19:36:56 2002
;; MSG SIZE  sent: 45  rcvd: 108


moria.imaginet.fr is my ISP's dns server for 66.68.195.in-addr.arpa.


I feel it to be a bit long, but I hope I provided as much information as
possible to troubleshoot the issue.

Thanks to anybody who can help !!


Regards


--
Guillaume Laurès
Responsable Systèmes et Techniques - EBI
Tel [33](0)1 46 29 68 24
Mob [33](0)6 07 24 55 60
Fax [33](0)1 46 29 46 15

More information about the bind-users mailing list