Rev DNS problem

Barry Margolin barmar at alum.mit.edu
Thu Feb 10 01:21:02 UTC 2005 

In article <cudqcd$24rl$1 at sf1.isc.org>,
 "Dermot Paikkos" <dermot at sciencephoto.co.uk> wrote:

> Hi,
> 
> BIND 8.3 on tru64.
> 
> I thought my DNS was working fine until I got a mail rejection because my 
> revdns was 
> failing. True enough most server's can't resolve any of my ips but can work 
> with the 
> host names. What is strange is that nslookup seems to says its working while 
> dig says 
> my in-addr.arpa is non-existent.
> 
> EG:
> >nslookup 194.200.237.129
> Server:  localhost
> Address:  127.0.0.1
> 
> Name:    helios.sciencephoto.co.uk
> Address:  194.200.237.129
> 
> >dig 194.200.237.129
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> 
> I have pawed through my config and I can't see an error - althought there my 
> be one 
> somewhere - so I am lost.

The syntax for reverse lookups with dig is:

dig -x 194.200.237.129

You left out the -x option, so it treated 194.200.237.129 as a forward 
lookup domain.

> 
> Debug suggests all is well with the revdns:
> 
> db_load(hosts.rev, 237.200.194.in-addr.arpa, 5, Nil, Normal)
> d='237.200.194.in-addr.arpa', c=1, t=6, ttl=10800, 
> data='helios.sciencephoto.co.uk.'
> d='237.200.194.in-addr.arpa', c=1, t=2, ttl=10800, 
> data='helios.sciencephoto.co.uk.'
> 
> so I guess the config file is okay. The zone file looks fine too. 
> $TTL 3h
> ;
> ; Data file for reverse address to hostname for 237.200.194.in-addr.arpa

You shouldn't be authoritative for the entire /24's reverse zone.  The 
name of this zone should be 128.237.200.194.in-addr.arpa, according to 
the delegation in the 237.200.194.in-addr.arpa zone.

However, it looks like Pipex hasn't actually delegated it to your 
server.  The delegations just point to ns0-01.dns.pipex.net and 
ns1-01.dns.pipex.net, and the SOA record lists their server as the 
master.

Once you correct your configuration, you need to contact Pipex and have 
them fix the delegation, and configure their servers as slaves to yours.

> ;
> @  IN   SOA     helios.sciencephoto.co.uk.  (
>                         200502090 ; Serial
>                         28800   ; Refresh - 8 hours
>                         7200    ; Retry - 2 hours
>                         864000  ; Expire - 10 days
>                         86400 ) ; Minimum - one day
>         IN      NS      helios.sciencephoto.co.uk.
>         IN      NS      ns0.pipex.net.
>         IN      NS      ns1.pipex.net.
>         IN      NS      nemesis.sciencephoto.co.uk.
> 129                             IN      PTR     helios.sciencephoto.co.uk.
> ...snip
> 
> Does anyone have any idea what else I can try. I have exhusted my toolset on 
> this and 
> haven't got a clue what to try next.
> Thanx.
> Dp.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***

More information about the bind-users mailing list