176.176-176.233.19.84.in-addr.arpa ptr, dig -x 84.19.233.176 +trace fails, host 84.19.233.176 works

Kevin Darcy kcd at daimlerchrysler.com
Wed Mar 30 01:03:48 UTC 2005 

RFC 2317 only needs to be used when you want to delegate control of a 
range that does not fall on an octet boundary. /32 is, technically, on 
an octet boundary. You can delegate 176.233.19.84.in-addr.arpa directly 
as a subzone of 233.19.84.in-addr.arpa -- no need for CNAMEs or any of 
that "176-176" rubbish.

As for why the dig +trace fails, I think it's because there is no 
delegation from 84.in-addr.arpa to 19.84.in-addr.arpa or anything below:

% dig -x 84.19.233.176 ptr

; <<>> DiG 9.2.2rc1 <<>> -x 84.19.233.176 ptr
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31050
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;176.233.19.84.in-addr.arpa.    IN      PTR

;; AUTHORITY SECTION:
84.in-addr.arpa.        7200    IN      SOA     ns-pri.ripe.net. 
ops.ripe.net. 2005032970 43200 7200 1209600 7200

;; Query time: 37 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Mar 29 19:56:59 2005
;; MSG SIZE  rcvd: 99

%

I guess someone would need to talk to RIPE about that...

                                                                         
                     - Kevin

Craig Skinner wrote:

>Hi there,
>
>I work for an ISP and I'm setting up the first reverse DNS for a 
>customer who wants to run his own DNS server on a /32 IP that we've 
>allocated, and I'm stumped. We are filling up or colo racks quite fast 
>now so I expect this will become more common for us to setup.
>
>
>
>
>I've setup this in "Zone:  233.19.84.in-addr.arpa":
>170 PTR  mail.capital-scanning.co.uk. (another unrelated customer)
>176 CNAME  176.176-176.233.19.84.in-addr.arpa.
>176-176 NS  name.dns-slave.co.uk.
>176-176 NS  ns0.lumison.net.
>176-176 NS  ns.as12703.net.
>
>
>
>
>I've got the 2 slaves that we control to be authoritative (AXFR from the 
>master):
>
>[craigskinner at paganini craigskinner]$ dig @ns.as12703.net -x 
>84.19.233.176 ptr +short
>176.176-176.233.19.84.in-addr.arpa.
>dns-slave.co.uk.
>
>[craigskinner at paganini craigskinner]$ dig @ns0.lumison.net -x 
>84.19.233.176 ptr +short
>176.176-176.233.19.84.in-addr.arpa.
>dns-slave.co.uk.
>
>
>
>
>Triple revese lookups work:
>
>[craigskinner at stockhausen today]$ host www.dns-slave.co.uk
>www.dns-slave.co.uk is a nickname for dns-slave.co.uk
>dns-slave.co.uk has address 84.19.233.176
>
>[craigskinner at stockhausen today]$ host 84.19.233.176
>176.233.19.84.IN-ADDR.ARPA is a nickname for 
>176.176-176.233.19.84.IN-ADDR.ARPA
>176.176-176.233.19.84.IN-ADDR.ARPA domain name pointer dns-slave.co.uk
>
>[craigskinner at stockhausen today]$ host dns-slave.co.uk
>dns-slave.co.uk has address 84.19.233.176
>
>
>
>
>But what about this lot?????:
>
>[craigskinner at paganini craigskinner]$ dig @name.dns-slave.co.uk -x 
>84.19.233.176 ptr +short
>[craigskinner at paganini craigskinner]$ dig @name.dns-slave.co.uk 
>176.233.19.84.in-addr.arpa ptr +short
>[craigskinner at paganini craigskinner]$ dig @name.dns-slave.co.uk 
>176.176-176.233.19.84.in-addr.arpa ptr +short
>dns-slave.co.uk.
>
>[craigskinner at paganini craigskinner]$ dig -x 84.19.233.176 +trace
>
>; <<>> DiG 9.2.3rc3 <<>> -x 84.19.233.176 +trace
>;; global options:  printcmd
>.                       18823   IN      NS      b.root-servers.net.
>.                       18823   IN      NS      c.root-servers.net.
>.                       18823   IN      NS      d.root-servers.net.
>.                       18823   IN      NS      e.root-servers.net.
>.                       18823   IN      NS      f.root-servers.net.
>.                       18823   IN      NS      g.root-servers.net.
>.                       18823   IN      NS      h.root-servers.net.
>.                       18823   IN      NS      i.root-servers.net.
>.                       18823   IN      NS      j.root-servers.net.
>.                       18823   IN      NS      k.root-servers.net.
>.                       18823   IN      NS      l.root-servers.net.
>.                       18823   IN      NS      m.root-servers.net.
>.                       18823   IN      NS      a.root-servers.net.
>;; Received 436 bytes from 212.20.226.130#53(212.20.226.130) in 5 ms
>
>84.in-addr.arpa.        86400   IN      NS      NS3.NIC.FR.
>84.in-addr.arpa.        86400   IN      NS      SEC1.APNIC.NET.
>84.in-addr.arpa.        86400   IN      NS      SEC3.APNIC.NET.
>84.in-addr.arpa.        86400   IN      NS      SUNIC.SUNET.SE.
>84.in-addr.arpa.        86400   IN      NS      NS-PRI.RIPE.NET.
>84.in-addr.arpa.        86400   IN      NS      TINNIE.ARIN.NET.
>;; Received 287 bytes from 192.228.79.201#53(b.root-servers.net) in 172 ms
>
>84.in-addr.arpa.        7200    IN      SOA     ns-pri.ripe.net. 
>ops.ripe.net. 2005032568 43200 7200 1209600 7200
>;; Received 99 bytes from 192.134.0.49#53(NS3.NIC.FR) in 23 ms
>
>
>
>
>
>
>Does there need to be a 233.19.84.in-addr.arpa zone on 
>name.dns-slave.co.uk with this in it:
>
>176 CNAME  176.176-176.233.19.84.in-addr.arpa.
>176-176 NS  name.dns-slave.co.uk.
>176-176 NS  ns0.lumison.net.
>176-176 NS  ns.as12703.net.
>
>Obviously there would be no other data in this zone file on the 
>customer's OpenBSD box.
>
>Or should I remove "176-176 NS  name.dns-slave.co.uk." from 
>"233.19.84.in-addr.arpa"????
>
>Regards,
>Craig Skinner.
>
>
>
>
>
>  
>

More information about the bind-users mailing list