Avoid RFC 2317 style delegation.
Ronan Flood
ronan at noc.ulcc.ac.uk
Thu Aug 26 11:37:55 UTC 2004
On Wed, 25 Aug 2004 15:44:28 -0400, Edward Lewis <edlewis at arin.net> wrote:
> News to me...so, looking at
>
> <URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/avoid-rfc-2317-delegation.html>
>
> # If one employs RFC 2317 style delegation, one cannot test one's content
> # DNS servers directly using dig with the -x option. One is instead required
> # to determine by hand what reverse lookup domain name to use (which will, of
> # course, vary according to the specific private syntax that is being
> employed),
> # and explicitly provide that to dig.
>
> That's not true, try "dig -x 69.25.34.196"
;; ANSWER SECTION:
196.34.25.69.in-addr.arpa. 43200 IN CNAME ashburn-196.arin.net.
ashburn-196.arin.net. 10800 IN PTR ns1.arin.net.
;; AUTHORITY SECTION:
arin.net. 281 IN NS epazote.arin.net.
arin.net. 281 IN NS figwort.arin.net.
etc etc
Note "directly" ...
dig -x 69.25.34.196 @epazote.arin.net.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54585
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 0
;; QUESTION SECTION:
;196.34.25.69.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
25.69.in-addr.arpa. 86400 IN NS NS-C.PNAP.NET.
25.69.in-addr.arpa. 86400 IN NS NS-D.PNAP.NET.
25.69.in-addr.arpa. 86400 IN NS NS-A.PNAP.NET.
25.69.in-addr.arpa. 86400 IN NS NS-B.PNAP.NET.
--
Ronan Flood <R.Flood at noc.ulcc.ac.uk>
working for but not speaking for
Network Services, University of London Computer Centre
(which means: don't bother ULCC if I've said something you don't like)
More information about the bind-users
mailing list