Issue with reverse dns and local caching name server
Jason Crummack
jason.crummack at easysoft.com
Wed Jun 10 15:04:03 UTC 2009
Kirk wrote:
>> $ dig +trace @127.0.0.1 -x 203.22.30.47
>>
>> ; <<>> DiG 9.4.3 <<>> +trace @127.0.0.1 -x 203.22.30.47
>> ; (1 server found)
>> ;; global options: printcmd
>> . 517909 IN NS G.ROOT-SERVERS.NET.
>> . 517909 IN NS A.ROOT-SERVERS.NET.
>> . 517909 IN NS B.ROOT-SERVERS.NET.
>> . 517909 IN NS K.ROOT-SERVERS.NET.
>> . 517909 IN NS J.ROOT-SERVERS.NET.
>> . 517909 IN NS M.ROOT-SERVERS.NET.
>> . 517909 IN NS H.ROOT-SERVERS.NET.
>> . 517909 IN NS L.ROOT-SERVERS.NET.
>> . 517909 IN NS C.ROOT-SERVERS.NET.
>> . 517909 IN NS I.ROOT-SERVERS.NET.
>> . 517909 IN NS E.ROOT-SERVERS.NET.
>> . 517909 IN NS F.ROOT-SERVERS.NET.
>> . 517909 IN NS D.ROOT-SERVERS.NET.
>> ;; Received 492 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
>>
>> 203.in-addr.arpa. 86400 IN NS TINNIE.ARIN.NET.
>> 203.in-addr.arpa. 86400 IN NS NS-SEC.RIPE.NET.
>> 203.in-addr.arpa. 86400 IN NS NS4.APNIC.NET.
>> 203.in-addr.arpa. 86400 IN NS DNS1.TELSTRA.NET.
>> 203.in-addr.arpa. 86400 IN NS NS1.APNIC.NET.
>> 203.in-addr.arpa. 86400 IN NS NS3.APNIC.NET.
>> ;; Received 185 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 273 ms
>>
>> 30.22.203.in-addr.arpa. 86400 IN NS ns.bigtrolley.com.au.
>> 30.22.203.in-addr.arpa. 86400 IN NS ns.opensystems.com.au.
>> ;; Received 106 bytes from 193.0.0.196#53(NS-SEC.RIPE.NET) in 26 ms
>>
>> 47.30.22.203.in-addr.arpa. 38400 IN PTR mail.opensystems.com.au.
>> 30.22.203.in-addr.arpa. 38400 IN NS ns02.opensystems.com.au.
>> 30.22.203.in-addr.arpa. 38400 IN NS ns01.opensystems.com.au.
>> ;; Received 150 bytes from 203.22.30.26#53(ns.bigtrolley.com.au) in 326 ms
>>
>>
>
> Not sure I'm correct here, but wondering if this has something to do
> with:
> ns.opensystems.com.au. is aliased to ns01.opensystems.com.au.
> ns.bigtrolley.com.au. is aliased to ns02.opensystems.com.au.
>
>
>> running bind version 9.4.3
>>
>> named.conf
>> <<<
>> options {
>> directory "/var/named";
>> query-source address 192.168.0.15 port 53;
>
> Off topic, I thought setting a query-source port is a bad thing with
> regards to DNS cache poisoning attacks.
>
>> allow-recursion { any; };
>> allow-query { any; };
>> allow-query-cache { any; };
>> };
>>
>> logging {
>> category lame-servers { null; };
>> };
>>
>> # main root caches
>> zone "." {
>> type hint;
>> file "root.cache";
>> };
>> >>>
>
>
Thanks for the heads-up on the query-source port, Kirk, I will remove it.
Found out that the name servers that our hosting provider has (the ones
that work) use a simpleDNS cluster, so I'm guessing maybe they work by not
being as strict on name reversing as BIND is.
Jason
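Two defender-side checks on the material in this thread, written as an added example (this is not code from the thread or from ISC BIND). The first parses `dig +trace` output like the one quoted above and reports every zone where the NS set the parent hands out in its referral differs from the NS set the child zone's own server answers with; that is exactly the inconsistency visible for 30.22.203.in-addr.arpa (parent: ns.bigtrolley.com.au / ns.opensystems.com.au, child: ns01 / ns02.opensystems.com.au), and it is the kind of delegation a strict resolver refuses to trust. The second scans a named.conf `options` block for a `query-source` statement that pins the source port, which disables the source-port randomization a resolver relies on against cache poisoning. The sample trace and both config fragments are constructed from the text of the thread; the hardened fragment simply drops the fixed port, as the reply says will be done.

```python
import re
from collections import OrderedDict

# Constructed sample: the relevant hops from the dig +trace output quoted in
# the thread, with the mail quoting removed and the wrapped line rejoined.
SAMPLE_TRACE = """\
203.in-addr.arpa. 86400 IN NS NS-SEC.RIPE.NET.
203.in-addr.arpa. 86400 IN NS NS4.APNIC.NET.
;; Received 185 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 273 ms

30.22.203.in-addr.arpa. 86400 IN NS ns.bigtrolley.com.au.
30.22.203.in-addr.arpa. 86400 IN NS ns.opensystems.com.au.
;; Received 106 bytes from 193.0.0.196#53(NS-SEC.RIPE.NET) in 26 ms

47.30.22.203.in-addr.arpa. 38400 IN PTR mail.opensystems.com.au.
30.22.203.in-addr.arpa. 38400 IN NS ns02.opensystems.com.au.
30.22.203.in-addr.arpa. 38400 IN NS ns01.opensystems.com.au.
;; Received 150 bytes from 203.22.30.26#53(ns.bigtrolley.com.au) in 326 ms
"""

RR_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+(\S+)\s+(\S+)$")
RECV_RE = re.compile(r"^;; Received \d+ bytes from (\S+?)#\d+\((\S+)\)")


def parse_trace(text):
    """Split dig +trace output into hops.

    Returns a list of (answering_server, {owner: set(ns_targets)}), one entry
    per ';; Received ... from' line, keeping only the NS records of each hop.
    """
    hops, current = [], OrderedDict()
    for line in text.splitlines():
        line = line.strip()
        m = RR_RE.match(line)
        if m:
            owner, rtype, target = m.groups()
            if rtype == "NS":
                current.setdefault(owner.lower(), set()).add(target.lower())
            continue
        m = RECV_RE.match(line)
        if m:
            hops.append((m.group(2).lower(), current))
            current = OrderedDict()
    return hops


def delegation_mismatches(hops):
    """Compare each hop's referral NS set with what the next hop (the server
    the referral pointed at) answers for the same zone.

    Returns [(zone, parent_ns_set, child_ns_set)] for every disagreement.
    """
    found = []
    for (_, referral), (_, answer) in zip(hops, hops[1:]):
        for zone, parent_ns in referral.items():
            child_ns = answer.get(zone)
            if child_ns is not None and child_ns != parent_ns:
                found.append((zone, parent_ns, child_ns))
    return found


# Constructed samples: the options block from the thread as posted, and the
# same block with the fixed port removed so named can randomize it.
WEAK_OPTIONS = """\
options {
    directory "/var/named";
    query-source address 192.168.0.15 port 53;
    allow-recursion { any; };
};
"""

HARDENED_OPTIONS = """\
options {
    directory "/var/named";
    query-source address 192.168.0.15;   /* no fixed port */
    allow-recursion { any; };
};
"""

QUERY_SOURCE_RE = re.compile(r"^\s*query-source(?:-v6)?\b(?P<body>[^;]*);",
                             re.MULTILINE)
PORT_RE = re.compile(r"\bport\s+(\S+)")


def find_fixed_query_port(conf):
    """Return the ports pinned by query-source statements in a named.conf
    fragment.  'port *' is BIND's 'pick a random port' and is not reported;
    an empty list means source-port randomization is not being overridden."""
    pinned = []
    for m in QUERY_SOURCE_RE.finditer(conf):
        pm = PORT_RE.search(m.group("body"))
        if pm and pm.group(1) != "*":
            pinned.append(pm.group(1))
    return pinned


if __name__ == "__main__":
    for zone, parent_ns, child_ns in delegation_mismatches(parse_trace(SAMPLE_TRACE)):
        print("delegation mismatch for %s: parent %s vs child %s"
              % (zone, sorted(parent_ns), sorted(child_ns)))
    print("weak config pins port(s):", find_fixed_query_port(WEAK_OPTIONS))
    print("hardened config pins port(s):", find_fixed_query_port(HARDENED_OPTIONS))
```

Run against the sample it reports the single 30.22.203.in-addr.arpa mismatch and flags port 53 in the posted options block but nothing in the corrected one. To use it on a live resolver, feed it the output of `dig +trace @127.0.0.1 -x <address>` and the `options` block of the running named.conf.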