reverse delegation RFC2317 problem on slave zone

Niels Sommer ns at idatahouse.com
Fri Jan 18 11:18:30 UTC 2002


Thanks Glen and Peter,

It seems that we haven't requested reverse delegation for all of our /24
networks from RIPE and you have to specifically request it for each /24. It
is not possible to request it for a /20 for example. So I've done that and
it works.

Thank you very much,

Niels Sommer
----- Original Message -----
From: "glen herrmannsfeldt" <gah at ugcs.caltech.edu>
Newsgroups: comp.protocols.dns.bind
To: <comp-protocols-dns-bind at uunet.uu.net>
Sent: Friday, January 18, 2002 12:48 AM
Subject: Re: reverse delegation RFC2317 problem on slave zone


"Niels Sommer" <ns at idatahouse.com> writes:

>I have a problem with the slave zone of a reverse delegated subnet. If I do
>a reverse lookup locally (the slave) or any remote server it times out and
>debug shows a SERVFAIL error, but from our primary DNS it works fine. The
>zone transfer works fine (configured like other zones which work) and the
>resolver on the slave works for local domains. The error returned from
>nslookup is:

(snip of nslookup output)

RFC2317 suggests that both the CNAME server and the delegated
server run secondary (slave) to each other.  This ensures that
each has the answer to both questions.

I am confused by your example, as it looks like the queried nameserver
only has the CNAME entries.   If you are the delegatee, your nameserver
should have the PTR entries, where the delegating server has the CNAMEs.

I have seen problems like this where a server believed that it
was authoritative for a domain when it actually was not.  I would
check the delegations carefully.

-- glen
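
The RFC 2317 layout described in the reply above (CNAMEs on the delegating server, PTRs on the delegatee's server), as an added example that is not part of the original thread. The subnet 192.0.2.64/26, the host name and the function names are constructed; lookups are modelled against the records a single server has loaded, with no recursion to other servers.

```python
import ipaddress

def rfc2317_zones(subnet, hostnames):
    """Build the parent-zone CNAMEs and child-zone PTRs for a prefix longer than /24.

    Uses the RFC 2317 "<first-address>/<prefixlen>" label for the child zone.
    The NS records that delegate the child zone are left out for brevity.
    """
    net = ipaddress.ip_network(subnet)
    if not 24 < net.prefixlen < 32:
        raise ValueError("RFC 2317 delegation applies to prefixes longer than /24")
    o = str(net.network_address).split(".")
    parent_origin = f"{o[2]}.{o[1]}.{o[0]}.in-addr.arpa."
    child_origin = f"{o[3]}/{net.prefixlen}.{parent_origin}"
    parent, child = {}, {}
    for addr in net:
        last = str(addr).split(".")[3]
        # Delegating side: one CNAME per address, pointing into the child zone.
        parent[f"{last}.{parent_origin}"] = ("CNAME", f"{last}.{child_origin}")
        # Delegatee side: the real PTR record lives under the child origin.
        if str(addr) in hostnames:
            child[f"{last}.{child_origin}"] = ("PTR", hostnames[str(addr)])
    return parent, child

def reverse_lookup(ip, loaded):
    """Answer a PTR query from the records one server has loaded, or return None."""
    name = ipaddress.ip_address(ip).reverse_pointer + "."
    for _ in range(8):            # bound the CNAME chain length
        rr = loaded.get(name)
        if rr is None:
            return None           # chain cannot be completed from local data
        if rr[0] == "PTR":
            return rr[1]
        name = rr[1]              # follow the CNAME
    return None

if __name__ == "__main__":
    # Constructed sample data.
    parent, child = rfc2317_zones("192.0.2.64/26", {"192.0.2.70": "host70.example.net."})
    print("CNAME zone only:", reverse_lookup("192.0.2.70", parent))
    print("both zones     :", reverse_lookup("192.0.2.70", {**parent, **child}))
```

A server that has loaded only the CNAME zone cannot finish the chain from its own data, while one that holds both zones (each running as secondary for the other) answers directly.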



