in-addr.arpa subdomain problem
BOG
junk at 1command.com
Tue Aug 10 07:42:12 UTC 2004
Greetings,
Your zone file is not laid out correctly. More specifically, your IN-ADDR.ARPA.
Your IN-ADDR.ARPA should be cut off at your NET number. eg;
;ZONE IN-ADDR.ARPA.
$ORIGIN 12.12.12.IN-ADDR.ARPA.
$TTL ####
@ SOA nameserver.domain.dom. rp.domain.dom. (
#### ; serial
#### ; refresh
#### ; retry
#### ; expire
#### ) ; minimum
IN NS sum.name.server
IN NS sum.name.server2
IN NS sum.name.server3
;128.12.12.12.IN-ADDR.ARPA. IN PTR GW.domain.dom.
129.12.12.12.IN-ADDR.ARPA. IN PTR host1.domain.dom.
130.12.12.12.IN-ADDR.ARPA. IN PTR host2.domain.dom.
... etc...
123.12.12.12.IN-ADDR.ARPA. IN PTR host5
... etc, etc...
now simply call this file: yourdomainhere.domain.rev
in named.conf
... etc...
zone "12.12.12.IN-ADDR.ARPA" in {
type master;
file "yourdomainhere.dom.rev";
... etc, etc...
Now your PTR's are not out(side) of your network. AND BY ALL MEANS
DO NOT FORGET ABOUT LOCALHOST. The #1 killer. Make damn sure you
have the zone(s) - forward and reverse setup properly.
Best wishes
Simon Hobson <shobson0309 at colony.com> wrote in message news:<cetmqi$oda$1 at sf1.isc.org>...
> lancer81 at cablespeed.com wrote:
>
> >I am setting up a new server running bind 9.2.1 to replace
> >a bind 8.1.2 server. In testing this I am able to do
> >reverse lookups on class C subnets but not subdomains
> >(e.g. /25). If I am reading dig output properly the server
> >is directing request to root servers rather than handling
> >it locally.
> >
> >------------
> >
> >zone "128-255.12.12.12.in-addr.arpa" in {
> > type master;
> > file "12.12.12.128.reverse.db";
> > allow-update { none; };
> >};
> >
> >------------
> >
> >;12.12.12.128.reverse.db
> >;
> >$TTL 3h
> >@ IN SOA ns1.domain.com. hostmaster.domain.com. (
> > 2004080501 ; serial
> > 3h ; refresh
> > 1h ; retry
> > 15d ; expire
> > 1h ) ; neg cache ttl
> >
> >@ IN NS ns1.domain.com.
> >@ IN NS ns2.domain.com.
> >
> >129 IN PTR host1.domain.com.
> >130 IN PTR host2.domain.com.
> >
> >------------
> >
> >[user at ns1]# dig @ns1 12.12.12.129
> >
> >; <<>> DiG 9.2.1 <<>> @ns1 12.12.12.129
> >;; global options: printcmd
> >;; Got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29600
> >;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
> >ADDITIONAL: 0
> >
> >;; QUESTION SECTION:
> >;12.12.12.129. IN A
> >
> >;; AUTHORITY SECTION:
> >. 10800 IN SOA
> > A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2004080401
> >1800 900 604800 86400
> >
> >;; Query time: 16 msec
> >;; SERVER: 13.13.13.13#53(ns1)
> >;; WHEN: Thu Aug 5 10:51:12 2004
> >;; MSG SIZE rcvd: 106
>
> Apart from the earlier comment that your query is wrong, it is
> actually correct that your name server will go to the root servers.
> What happens is this :
>
> You lookup 128.12.12.12.in-addr.arpa
>
> The nameserver will traverse the heirarchy (starting at the root
> servers) looking for a server that knows about this name.
>
> In all probability, it would end up at a server with a zone for
> 12.12.12.in-addr.arpa and here is the fun bit ...
>
> In the zone 12.12.12.in-addr.arpa, there must be a pointer which
> delegates the record to your nameserver :
> 128 PTR 128.128-255.12.12.12.in-addr.arpa.
>
> This name server will also need the glue records for your name server :
> 128-255.12.12.12.in-addr.arpa NS xxx.xxx.xxx.xxx
>
> There is actually an RFC for doing just this, but it's number escapes me.
>
> Simon
>
> --
>
> NOTE: This is a throw-away email address which will reach me for as
> long as it stays spam-free, remove date for real address.
>
> Simon Hobson MA MIEE, Technology Specialist
> Colony Gift Corporation Limited
> Lindal in Furness, Ulverston, Cumbria, LA12 0LD
> Tel 01229 461100, Fax 01229 461101
>
> Registered in England No. 1499611
> Regd. Office : 100 New Bridge Street, London, EC4V 6JA.
More information about the bind-users
mailing list