AW: BIND9 behind NAT: no reverse lookup from external net
Ronan Flood
ronan at noc.ulcc.ac.uk
Wed Mar 2 14:33:41 UTC 2005
"Markus Wollny" <Markus.Wollny at computec.de> wrote:
> I think it might be a delegation problem on behalf of our provider (it's
The delegation (from 212.in-addr.arpa) looks OK:
dig @ns-pri.ripe.net. 108.123.212.in-addr.arpa. ns +norec
;; AUTHORITY SECTION:
108.123.212.in-addr.arpa. 172800 IN NS ns1.computec.de.
108.123.212.in-addr.arpa. 172800 IN NS ns1.sec-dns.de.
> sometimes a quite tedious task to actually get some answer from them,
> let alone problems solved...). I've got another reverse lookup zone on
> that machine and this one is working fine. I suspect that if you send a
> query over TCP, the server does answer without bothering about
> delegation, but when doing it the standard UDP-way, it doesn't provide
> the answer if there's no delegation for that zone.
I doubt that. I would consult your firewall admin to see if there's
any config on it to intercept PTR queries. Also you could turn on
query-logging on your nameserver to see if it actually gets the PTR
queries for this zone.
--
Ronan Flood <R.Flood at noc.ulcc.ac.uk>
working for but not speaking for
Network Services, University of London Computer Centre
(which means: don't bother ULCC if I've said something you don't like)
More information about the bind-users
mailing list