Subnetted Reverse DNS - Going crazy
Mark Andrews
Mark_Andrews at isc.org
Tue Nov 6 23:00:15 UTC 2007
> Unfortunately I can't get verizon to do anything yet because I cannot resolve
> the zone locally. Their software does a DNS verification to make sure that
> the zone is configured before they delegate it. But the zone is not working
> at all on our servers so they cannot delegate it.

How did you decide that it doesn't work? Note "dig -x" is
not the proper test. That assumes that the parent zone is
set up, which it isn't at this point.

Assuming you are setting up 208-223.130.212.65.in-addr.arpa
you need to make this query to each of the servers for the
zone and get back the SOA record and the "aa" flag should be
set.

    dig +norec soa 208-223.130.212.65.in-addr.arpa @server

Mark

> On 11/6/07, Mark Andrews <Mark_Andrews at isc.org> wrote:
> >
> >
> > > I have been assigned a /28 ip range and am having some issues setting up
> > > reverse dns.
> >
> > Talk to Verizon. You and them need to decide how this
> > delegation will be performed. See RFC 2317 for details.
> > They will have done this before and will have a preferred
> > convention (208-223.130.212.65.in-addr.arpa vs
> > 208/28.130.212.65.in-addr.arpa vs ....).
> >
> > You should also make yourself a slave to 130.212.65.in-addr.arpa.
> > That way you will have the CNAMEs locally when your link goes
> > down. This will allow your nameserver to map between the well
> > known names and the names you are actually using to hold the
> > PTR records.
> >
> >     zone "130.212.65.in-addr.arpa" {
> >         type slave;
> >         file "130.212.65.in-addr.arpa";
> >         notify no;
> >         masters { 198.6.100.21; };
> >     };
> >
> > Mark
> >
> > > So far I have tried setting up my named.conf two ways:
> > > named.conf:
> > > zone "208-223.130.212.65.in-addr.arpa" IN {
> > >         type master;
> > >         file "65.212.130.rev";
> > >         allow-update { none; };
> > >         allow-query { any; };
> > > };
> > >
> > > or
> > >
> > > zone "208/28.130.212.65.in-addr.arpa" IN {
> > >         type master;
> > >         file "65.212.130.rev";
> > >         allow-update { none; };
> > >         allow-query { any; };
> > > };
> > >
> > > and I have my db file set up like so:
> > >
> > >
> > > $TTL 43200
> > > @       IN      SOA     dns2.external.com. mail.external.com. (
> > >                         2007110601 ; Serial
> > >                         1H         ; Refresh
> > >                         30M        ; Retry
> > >                         2D         ; Expire
> > >                         12H )      ; Minimum
> > >
> > >         IN      NS      dns2.external.com.
> > >         IN      NS      dns1.external.com.
> > >
> > > 210     IN      PTR     hosta.com.
> > > 220     IN      PTR     hostb.com.
> > >
> > > If I do an nslookup I get:
> > >
> > > ** server can't find 220.130.212.65.in-addr.arpa: NXDOMAIN
> > >
> > > and Dig gives me the same information showing that the ip is hosted with my
> > > ISP. I am trying to get this working so that my ISP can delegate the domain.
> > >
> > > If I set the zone to a class c I can resolve properly so I know it isn't a
> > > formatting issue in my db file but I cannot figure out what I am doing
> > > wrong. Can someone please help?
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
> >
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
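
The check described in the reply above (query each server for the zone directly and require the SOA record with the "aa" flag set), written out as a script. This is an added example, not part of the original message; the function names and the two sample dig outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original thread): confirm that each name server
# answers authoritatively for a zone, without relying on the parent delegation.

# Read `dig +norec soa ZONE @SERVER` output on stdin. Succeed only when the
# status is NOERROR, the "aa" flag is set, and the ANSWER section carries an
# SOA record owned by ZONE.
soa_is_authoritative() {
    awk -v zone="${1%.}." '
        /^;; ->>HEADER<<-/ && /status: NOERROR/ { noerror = 1 }
        /^;; flags:/ {
            sub(/^;; flags: */, ""); sub(/;.*/, "")   # keep only the flag words
            n = split($0, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == "aa") aa = 1
            next
        }
        /^;; ANSWER SECTION:/ { in_answer = 1; next }
        /^$/                  { in_answer = 0 }
        in_answer && tolower($1) == tolower(zone) && $4 == "SOA" { soa = 1 }
        END { exit !(noerror && aa && soa) }
    '
}

# Query every listed server directly (needs dig and network access).
check_servers() {
    zone=$1; shift; failed=0
    for server in "$@"; do
        if dig +norec soa "$zone" "@$server" | soa_is_authoritative "$zone"; then
            echo "OK   $server is authoritative for $zone"
        else
            echo "FAIL $server gave no authoritative SOA for $zone"
            failed=1
        fi
    done
    return "$failed"
}

# Constructed dig output for offline illustration (not captured from real servers).
SAMPLE_GOOD=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; ANSWER SECTION:
208-223.130.212.65.in-addr.arpa. 43200 IN SOA dns2.external.com. mail.external.com. 2007110601 3600 1800 172800 43200
'
SAMPLE_REFUSED=';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4243
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
'

if [ "$#" -ge 2 ]; then check_servers "$@"; fi
```

Saved under a name of your choice, it is run with the zone name followed by the servers listed in the zone's NS records, for example `208-223.130.212.65.in-addr.arpa dns1.external.com dns2.external.com`. The exit status is non-zero if any server fails the check.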