reverse DNS servfail
Danny Mayer
mayer at gis.net
Thu Jul 21 13:51:18 UTC 2005
/dev/rob0 wrote:
> A customer of mine just today got a new ISP. The new IP is
> 69.15.253.106. At this time the reverse lookup is failing:
> $ host 69.15.253.106
> Host 106.253.15.69.in-addr.arpa not found: 2(SERVFAIL)
> $ host -tns 253.15.69.in-addr.arpa
> Host 253.15.69.in-addr.arpa not found: 2(SERVFAIL)
> $ host -tns 15.69.in-addr.arpa
> Host 15.69.in-addr.arpa not found: 2(SERVFAIL)
>
> I asked the ISP (cbeyond.net) for RFC 2317, section 5.2, classless rDNS
> delegation: with CNAMEs pointing to PTR records in our forward zone. (I
> do have and can query the PTR's corresponding to my CNAME requests.) The
> customer service people talked to their "DNS engineers" [snicker] who
> told them to tell me:
> "Our DNS Engineers have stated that Cbeyond's DNS service does
> not support this form of classless addressing."
> Before I asked, I tested and got NXDOMAIN on this IP. Now it's SERVFAIL.
>
> Before I approach the "DNS engineers" I want to know a bit more.
>
> 1. Is there a way to tell if they're running BIND?
> a. If so, why would it "not support" RFC 2317 classless delegation?
> b. If not, can this be true? Maybe in their junkware the in-addr.arpa
> zones are hard-coded to only allow PTR records?
> 2. Is there a way to tell from the outside why they're getting SERVFAIL?
> 3. Is anyone else familiar with Cbeyond in particular?
>
> Oh, I looked up another IP in Cbeyond's block, and it wasn't SERVFAIL.
> These are the servers:
> $ host -tns 20.15.69.in-addr.arpa
> 20.15.69.in-addr.arpa name server infinity.cbeyond.net.
> 20.15.69.in-addr.arpa name server to.cbeyond.net.
> 20.15.69.in-addr.arpa name server beyond.cbeyond.net.
>
> I don't understand why I can get 20.15.69.in-addr.arpa but I can't get
> 15.69.in-addr.arpa.
They are running BIND 9.3.1-NT1 so they do support RFC 2317 classless
delegation. 15.69.in-addr.arpa is delegated to them but nothing seems to
be set up beyond that. It looks like they have something misconfigured,
hence the error messages.
Danny
More information about the bind-users
mailing list