Reverse DNS issues [SOLVED]

Tuc at T-B-O-H ml at t-b-o-h.net
Sat Jan 7 00:30:26 UTC 2006


> 	Living in AUS and using cable I see this reasonably often.
> 	Idiots who think "we don't need to answer queries from
> 	APNIC" or "we don't need to answer queries from cable
> 	modems".  The first set also cause my cable provider's
> 	nameservers to fail.
>
	My server is on a /24 that I own in a datacenter in NY BGP'd to
two providers. I heard back from the people and they said "We don't know how
it got there, but it's gone now". The weird part was it was /24 based, since
another /24 on the same BGP AS was fine!
> 	
> > Then the 2nd was more of a "Just for shits/giggles lemme try" type thing.
> > I commented out "query-source address * port 53;", and now I can get the
> > rest of the domains.... Must be a change they made to stop people using
> > them as a recursive resolver or something.
> 
> 	No.  Just idiots with firewalls that think queries can only
> 	come from high ports.  Originally all server to server
> 	DNS/UDP traffic was port 53 to port 53 and we had idiots
> 	with firewalls that blocked non-port 53 sourced DNS traffic.
>
	I asked about this.... They totally glossed over the issue and
just said if we see any more problems, contact them. I'm just happy it works,
and commented the same line out of another server (I *THOUGHT* it was a
standard for our servers, but I guess not) and that snapped to also.

	Kinda restores SOME of my faith in my abilities... ;) Now to
figure out why a master in-addr.arpa zone I have on a local server 
(192.168.3.X) isn't resolving properly to that machine.

			Thanks, Tuc
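
A check for the setting discussed in this thread, as an added example that is not part of the original post or of BIND: it scans named.conf text for active `query-source` statements that pin the outgoing source port, skipping commented-out ones such as the line disabled above. The sample configuration and the function names are constructed for illustration.

```python
import re

# Constructed sample named.conf (not taken from the post).
SAMPLE_CONF = """\
options {
    directory "/var/named";
    // query-source address * port 53;
    query-source address * port 53;   # every outgoing query leaves from port 53
    /* query-source-v6 address * port 53; */
    query-source-v6 address ::;
};
"""

# Quoted strings are matched first so comment markers inside them are ignored.
_TOKENS = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_STMT = re.compile(r'\b(query-source(?:-v6)?)\b([^;{}]*);')


def strip_comments(text):
    """Blank out /* */, // and # comments, keeping newlines so line numbers hold."""
    def repl(match):
        token = match.group(0)
        if token.startswith('"'):
            return token
        return re.sub(r'[^\n]', ' ', token)
    return _TOKENS.sub(repl, text)


def pinned_query_sources(text):
    """Return (line, statement, port) for each active query-source with a fixed port."""
    clean = strip_comments(text)
    findings = []
    for match in _STMT.finditer(clean):
        port = re.search(r'\bport\s+(\S+)', match.group(2))
        # "port *" (or no port clause) leaves the source port to the server.
        if port and port.group(1) != '*':
            line = clean.count('\n', 0, match.start()) + 1
            statement = ' '.join(match.group(0).split())
            findings.append((line, statement, port.group(1)))
    return findings


if __name__ == "__main__":
    for line, statement, port in pinned_query_sources(SAMPLE_CONF):
        print(f"line {line}: source port pinned to {port}: {statement}")
```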


