reverse lookup returning "localhost"

Kevin Darcy kcd at daimlerchrysler.com
Thu Apr 12 22:29:08 UTC 2007 

Mimic the iterative resolution process. Start with your root servers. 
Query 3.2.1.207.in-addr.arpa. See what the referral is. Go to the next 
level down. Query 3.2.1.207.in-addr.arpa from one of the servers in the 
referral. See what the referral is. Repeat as necessary until you find 
who is answering with this bogus information.

You could also try the +trace option to "dig", although the output 
sometimes requires a little interpretation...

                                                                         
               - Kevin

Andrew Garnett wrote:
> All,
> I'm a bit baffled - we have an internal top-level DNS server for "company.com" (bind 9.2.1) which is reverse-resolving all IP addresses beginning with 207.x.x.x to "localhost".
> We have internal reverse lookup zones which work fine, and valid external reverse lookups seem to work fine. I don't have any references to 207 at all (and if we did, they wouldn't resolve every address to "localhost"). 
> Both nslookup and dig seem to suggest that it's getting this response locally, but I don't run a 207 zone. Sorry if I am missing something obvious. What can be returning "localhost" ?
>
> Here's the dig info (run on the actual DNS server 10.56.11.55) :-
>
> dig @10.56.11.55 -x 207.1.2.3
> ; <<>> DiG 9.2.0 <<>> @10.56.11.55 -x 207.1.2.3
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19725
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
> ;; QUESTION SECTION:
> ;3.2.1.207.in-addr.arpa.                IN      PTR
> ;; ANSWER SECTION:
> 3.2.1.207.in-addr.arpa. 172800  IN      PTR     localhost.
> ;; AUTHORITY SECTION:
> 207.in-addr.arpa.       172800  IN      NS      localhost.
> ;; ADDITIONAL SECTION:
> localhost.              82574   IN      A       127.0.0.1
> ;; Query time: 1161 msec
> ;; SERVER: 10.56.11.55#53(10.56.11.55)
> ;; WHEN: Thu Apr 12 12:55:05 2007
> ;; MSG SIZE  rcvd: 93
>
> Thanks for any help,
> A
>
>
>       ___________________________________________________________
> Yahoo! Answers - Got a question? Someone out there knows the answer. Try it
> now.
> http://uk.answers.yahoo.com/ 
>
>
>
>
>

More information about the bind-users mailing list