No query to root-nameserver for private ips

Kevin Darcy kcd at daimlerchrysler.com
Fri Mar 17 03:42:24 UTC 2006 

Is there anything in your 10.in-addr.arpa zone besides the zone apex 
(the SOA and NS records for 10.in-addr.arpa) and the delegation of 
10.10.10.in-addr.arpa? It's almost acting like there are other 
delegations at the /16 level...

For that matter, could you just post your named.conf, and the 
10.in-addr.arpa zonefile? Might eliminate some guesswork.

                                                                         
                                                      - Kevin

Leopold Aichinger wrote:

>Am Tue, 14 Mar 2006 15:19:30 -0500 schrieb Kevin Darcy:
>
> What happens if you do a 
>  
>
>>query directly of the 10.in-addr.arpa domain, e.g. for its SOA record? 
>>Do you get a good response?
>>
>>    
>>
>
>
>Sorry I forgot to answer your second question:
>
>If I do a (logged in on the internal dns):
>
># host -vt soa 10.in-addr.arpa 127.0.0.1
>
>I get the following output:
>----------------------------------
>Trying "10.in-addr.arpa"
>Using domain server:
>Name: 127.0.0.1
>Address: 127.0.0.1#53
>Aliases: 
>
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55061
>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
>
>;; QUESTION SECTION:
>;10.in-addr.arpa.		IN	SOA
>
>;; ANSWER SECTION:
>10.in-addr.arpa.	604800	IN	SOA	router1.bfi20s. administrator.baz.at.10.in-addr.arpa. 1997022700 10800 3600 604800 86400
>
>;; AUTHORITY SECTION:
>10.in-addr.arpa.	604800	IN	NS	router1.bfi20s.
>
>;; ADDITIONAL SECTION:
>router1.bfi20s.		38400	IN	A	172.30.0.2
>router1.bfi20s.		38400	IN	A	10.10.10.11
>
>Received 150 bytes from 127.0.0.1#53 in 1 ms
>-----------------------------
>
>Looks fine, does'nt it
>but if I do a query for 10.11.12.13(for a host in a net we don't use)
>I get (The query was done directly logged in on the internal dns):
>
># dig 10.11.12.13
>
>I get the following output:
>---------------------------------------------
>; <<>> DiG 9.2.4 <<>> 10.11.12.13
>;; global options:  printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62626
>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
>;; QUESTION SECTION:
>;10.11.12.13.			IN	A
>
>;; AUTHORITY SECTION:
>.			10800	IN	SOA	A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2006031401 1800 900 604800 86400
>
>;; Query time: 347 msec
>;; SERVER: 127.0.0.1#53(127.0.0.1)
>;; WHEN: Wed Mar 15 08:26:32 2006
>;; MSG SIZE  rcvd: 104
>----------------------------------------------
>Note the Query time - 347 msec - which also gives a hint that the dns
>tries to query an external dns.
>
>thx
>
>leopold aichinger
>
>
>
>
>
>  
>

More information about the bind-users mailing list