Reverse DNS issues

Tuc at T-B-O-H ml at t-b-o-h.net
Thu Jan 5 16:55:31 UTC 2006 

> > Hi,
> > 
> > 	This now seems to be affecting me on 2 different servers....
> > 
> >  
> > > In article <doqeil$14tl$1 at sf1.isc.org>, Tuc at T-B-O-H <ml at t-b-o-h.net> 
> > > wrote:
> > > 
> > > > > 
> > > > > In article <doq5rs$2k21$1 at sf1.isc.org>, Tuc at T-B-O-H <ml at t-b-o-h.net> 
> > > > > wrote:
> > > > > 
> > > > > > Hi,
> > > > > > 
> > > > > > 	I'm having a problem on a FreeBSD 4.10 system running BIND
> > > > > > 8.3.7 . I don't think its been like this forever, but the only thing
> > > > > > I've done lately to the machine is add a virtual interface (tun1)
> > > > > > to the machine. But for some reason :
> > > > > > 
> > > > > > -bash-2.05b$ nslookup
> > > > > > Default Server:  localhost
> > > > > > Address:  127.0.0.1
> > > > > > 
> > > > > > > 128.90.107.204.in-addr.arpa.
> > > > > > Server:  localhost
> > > > > > Address:  127.0.0.1
> > > > > > 
> > > > > > *** Request to localhost timed-out
> > > > > > 
> > > > > > -bash-2.05b$ dig @127.0.0.1 -x 204.107.90.128
> > > > > > 
> > > > > > ; <<>> DiG 8.3 <<>> @127.0.0.1 -x 
> > > > > > ; (1 server found)
> > > > > > ;; res options: init recurs defnam dnsrch
> > > > > > ;; res_nsend: Operation timed out
> > > > > 
> > > > > Try:
> > > > > 
> > > > > dig +trace -x 204.107.90.128
> > > > > 
> > > > 	I don't have a version of dig with trace. :-/ I have debug
> > > > though...
> > > 
> > > Then get yourself the current version of dig.  Debug isn't telling you 
> > > anything you don't already know, which is that your local named can't 
> > > seem to look this up.
> > > 
> > > You can also dump your cache to see if it has correct info for 
> > > 204.in-addr.arpa.
> > > 
> > I compiled bind9 in its own directory, but not installed.
> > 
> > When I run it "by itself" I get :
> > 
> > vjofn# ./bin/dig/dig +trace -x 204.107.90.128
> > 
> > ; <<>> DiG 9.3.1 <<>> +trace -x 204.107.90.128
> > ;; global options:  printcmd
> > .                       370004  IN      NS      D.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      A.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      H.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      C.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      G.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      F.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      B.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      J.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      K.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      L.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      M.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      I.ROOT-SERVERS.NET.
> > .                       370004  IN      NS      E.ROOT-SERVERS.NET.
> > ;; Received 436 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
> > 
> > 204.in-addr.arpa.       86400   IN      NS      chia.ARIN.NET.
> > 204.in-addr.arpa.       86400   IN      NS      dill.ARIN.NET.
> > 204.in-addr.arpa.       86400   IN      NS      BASIL.ARIN.NET.
> > 204.in-addr.arpa.       86400   IN      NS      henna.ARIN.NET.
> > 204.in-addr.arpa.       86400   IN      NS      indigo.ARIN.NET.
> > 204.in-addr.arpa.       86400   IN      NS      epazote.ARIN.NET.
> > 204.in-addr.arpa.       86400   IN      NS      figwort.ARIN.NET.
> > ;; Received 196 bytes from 128.8.10.90#53(D.ROOT-SERVERS.NET) in 9 ms
> > 
> > 90.107.204.in-addr.arpa. 86400  IN      NS      ns15.zoneedit.com.
> > 90.107.204.in-addr.arpa. 86400  IN      NS      ns18.zoneedit.com.
> > ;; Received 95 bytes from 2001:440:2000:1::21#53(chia.ARIN.NET) in 151 ms
> > 
> > 128.90.107.204.in-addr.arpa. 7200 IN    PTR     
> vjofn.tucs-beachin-obx-house.com
> > .
> > 90.107.204.in-addr.arpa. 7200   IN      NS      ns15.zoneedit.com.
> > 90.107.204.in-addr.arpa. 7200   IN      NS      ns18.zoneedit.com.
> > ;; Received 138 bytes from 72.9.106.68#53(ns18.zoneedit.com) in 16 ms
> > 
> > 
> > 
> > 
> > And when I force it to the local server (only?) 
> > 
> > vjofn# ./bin/dig/dig @127.0.0.1 +trace -x 204.107.90.128
> > 
> > ; <<>> DiG 9.3.1 <<>> @127.0.0.1 +trace -x 204.107.90.128
> > ; (1 server found)
> > ;; global options:  printcmd
> > .                       369785  IN      NS      K.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      L.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      M.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      I.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      E.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      D.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      A.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      H.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      C.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      G.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      F.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      B.ROOT-SERVERS.NET.
> > .                       369785  IN      NS      J.ROOT-SERVERS.NET.
> > ;; Received 436 bytes from 127.0.0.1#53(127.0.0.1) in 2 ms
> > 
> > 204.in-addr.arpa.       86400   IN      NS      chia.arin.net.
> > 204.in-addr.arpa.       86400   IN      NS      dill.arin.net.
> > 204.in-addr.arpa.       86400   IN      NS      basil.arin.net.
> > 204.in-addr.arpa.       86400   IN      NS      henna.arin.net.
> > 204.in-addr.arpa.       86400   IN      NS      indigo.arin.net.
> > 204.in-addr.arpa.       86400   IN      NS      epazote.arin.net.
> > 204.in-addr.arpa.       86400   IN      NS      figwort.arin.net.
> > ;; Received 196 bytes from 193.0.14.129#53(K.ROOT-SERVERS.NET) in 79 ms
> > 
> > 90.107.204.in-addr.arpa. 86400  IN      NS      ns15.zoneedit.com.
> > 90.107.204.in-addr.arpa. 86400  IN      NS      ns18.zoneedit.com.
> > ;; Received 95 bytes from 2001:440:2000:1::21#53(chia.arin.net) in 154 ms
> > 
> > 128.90.107.204.in-addr.arpa. 7200 IN    PTR     
> vjofn.tucs-beachin-obx-house.com.
> > 90.107.204.in-addr.arpa. 7200   IN      NS      ns15.zoneedit.com.
> > 90.107.204.in-addr.arpa. 7200   IN      NS      ns18.zoneedit.com.
> > ;; Received 138 bytes from 72.9.106.68#53(ns18.zoneedit.com) in 16 ms
> > 
> > 
> > 	If I run it w/o the +trace :
> > 
> > vjofn# ./bin/dig/dig @127.0.0.1  -x 204.107.90.128
> > 
> > ; <<>> DiG 9.3.1 <<>> @127.0.0.1 -x 204.107.90.128
> > ; (1 server found)
> > ;; global options:  printcmd
> > ;; connection timed out; no servers could be reached
> > 
> > 
> > 
> > 
> > 	Why does it look like its getting the answer when I trace, but
> > not as normal.
> 
> Tuc:
> 
> Looks like one of your nameservers is not responding:
> 
> FAIL	All nameservers respond	
> 
> ERROR: Some of your nameservers listed at the parent nameservers did not 
> respond. The ones that did not respond are:
> 
> 72.9.106.68
> 
> 
> Note: If you are running a Watchguard Firebox with DNS Proxy enabled, there may 
> be a bug causing port numbers get mixed up -- if this is the case, you can 
> contact Watchguard to see if they have a fix.
>

Thanks for the reply, but not sure how this is a problem. I have 2 servers
and the other is working.  And no, there is no DNS proxy.
> 
> See http://dnsreport.com/tools/dnsreport.ch?domain=tucs-beachin-obx-house.com
> 
> and
> 
> FAIL	Connect to mail servers	
> 
> ERROR: I could not complete a connection to one or more of your mailservers:
> vjofn-v6.tucs-beachin-obx-house.com: Could not connect without glue or A record.
>
	Its an IPV6 address. But how does a mailserver prevent my DNS server
from doing reverse DNS?
> 
> t-b-o-h.net looks to be in good shape though.
>
	Thanks... But this is only about issues with ANY reverse DNS.

		Thanks, Tuc

More information about the bind-users mailing list