Forwarded PTR records not working properly
Alexander Fortin
a.fortin at studiosynthesis.biz
Fri Apr 2 13:05:58 UTC 2010
Hi folks. I'm having problems trying to set up a DNS forwarding zone for
PTR records.

The weird thing is that "normal" DNS zones are working fine, but using
the same configuration for the corresponding *.in-addr.arpa zone doesn't
work. What seems very strange to me is that queries using "host" work, but
with "dig" they don't.

The scenario involves my master DNS server trying to request those records
from a VPN-connected authoritative DNS server (which unfortunately I
cannot transfer from). Of course, if I query the remote DNS server
directly I get answers for both zones:
$ dig @192.168.20.21 hrsrv.mydomain.locale
; <<>> DiG 9.5.1-P3 <<>> @192.168.20.21 hrsrv.mydomain.locale
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50067
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;hrsrv.mydomain.locale. IN A
;; ANSWER SECTION:
hrsrv.mydomain.locale. 3600 IN A 192.168.20.11
;; Query time: 696 msec
;; SERVER: 192.168.20.21#53(192.168.20.21)
;; WHEN: Fri Apr 2 14:45:55 2010
;; MSG SIZE rcvd: 53
but...
$ dig @192.168.20.21 192.168.20.11 PTR
; <<>> DiG 9.5.1-P3 <<>> @192.168.20.21 192.168.20.11 PTR
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
Curiously, with "host" it does work:
$ host -vvv 192.168.20.11 192.168.20.21
Server: servernd27.mydomain.locale
Address: 192.168.20.21
Default domain: mylocaldomain.biz
Search domains: mylocaldomain.biz
Timeout per retry: 5 secs
Number of retries: 2
Number of addresses: 1
192.168.20.21
Options set: INIT RECURSE DEFNAMES
Options clr: DEBUG AAONLY USEVC PRIMARY IGNTC STAYOPEN DNSRCH
Query about 192.168.20.11 for record types PTR
Name: hrsrv.mydomain.locale
Address: 192.168.20.11
This is my named.conf section, and, as I said, just the first one is
working fine:
zone "mydomain.locale" {
    type forward;
    forward only;
    forwarders { 192.168.20.21; };
};

zone "20.168.192.in-addr.arpa" {
    type forward;
    forward only;
    forwarders { 192.168.20.21; };
};
Any hint? Why does this work just with "host"? Thanks!
--
Alexander Fortin
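
Added example, not part of the original post: a model of the query name each command line above puts in the DNS question, matched against the two forward zones from the posted named.conf. The function names are hypothetical, and the longest-suffix match is a simplified stand-in for how named selects a zone.

```python
import ipaddress

# Forward zones and forwarder copied from the named.conf in the post.
FORWARD_ZONES = {
    "mydomain.locale": ["192.168.20.21"],
    "20.168.192.in-addr.arpa": ["192.168.20.21"],
}

def qname_sent(arg, reverse=False):
    """Return the name placed in the DNS question section.

    reverse=True models `host ADDR` and `dig -x ADDR`, which rewrite an
    address into its in-addr.arpa (or ip6.arpa) name. reverse=False models
    `dig ARG TYPE`, where the argument is used as the query name unchanged.
    """
    if reverse:
        return ipaddress.ip_address(arg).reverse_pointer + "."
    return arg.rstrip(".") + "."

def matching_zone(qname, zones=FORWARD_ZONES):
    """Most specific configured zone containing qname, or None.

    Simplified model: compare whole labels from the right, longest zone wins.
    """
    labels = qname.rstrip(".").lower().split(".")
    best = None
    for zone in zones:
        zlabels = zone.rstrip(".").lower().split(".")
        if len(zlabels) <= len(labels) and labels[-len(zlabels):] == zlabels:
            if best is None or len(zlabels) > len(best.split(".")):
                best = zone
    return best

def report(arg, qtype, reverse=False):
    """Summarise one command line as (qname, qtype, zone, forwarders)."""
    qname = qname_sent(arg, reverse)
    zone = matching_zone(qname)
    return qname, qtype, zone, FORWARD_ZONES.get(zone, [])

if __name__ == "__main__":
    for label, args in [
        ("dig hrsrv.mydomain.locale", ("hrsrv.mydomain.locale", "A")),
        ("dig 192.168.20.11 PTR", ("192.168.20.11", "PTR")),
        ("host 192.168.20.11", ("192.168.20.11", "PTR", True)),
    ]:
        print(f"{label:28} -> {report(*args)}")
```

Comparing the name in dig's QUESTION SECTION with the zone names in named.conf is the quickest check of which zone statement, if any, a given query can reach.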