Forwarded PTR records not working properly

Alexander Fortin a.fortin at studiosynthesis.biz
Fri Apr 2 13:05:58 UTC 2010


Hi folks. I'm having problems trying to set up a DNS forwarding zone for 
PTR records.

The weird thing is that "normal" DNS zones are working fine, but using 
the same configuration for the corresponding *.in-addr.arpa zone doesn't 
work. What seems very strange to me is that queries using "host" work, 
but with "dig" they don't.

The scenario involves my master DNS server trying to request those records 
from a VPN-connected authoritative DNS server (which unfortunately I 
cannot transfer from). Of course, if I query the remote DNS server 
directly I get answers for both zones:

$ dig @192.168.20.21 hrsrv.mydomain.locale

; <<>> DiG 9.5.1-P3 <<>> @192.168.20.21 hrsrv.mydomain.locale
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50067
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;hrsrv.mydomain.locale.           IN      A

;; ANSWER SECTION:
hrsrv.mydomain.locale.    3600    IN      A       192.168.20.11

;; Query time: 696 msec
;; SERVER: 192.168.20.21#53(192.168.20.21)
;; WHEN: Fri Apr  2 14:45:55 2010
;; MSG SIZE  rcvd: 53

but...

$ dig @192.168.20.21 192.168.20.11 PTR

; <<>> DiG 9.5.1-P3 <<>> @192.168.20.21 192.168.20.11 PTR
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached


Curiously, with "host" it does work:

$ host -vvv 192.168.20.11 192.168.20.21
Server: servernd27.mydomain.locale
Address: 192.168.20.21

Default domain: mylocaldomain.biz
Search domains: mylocaldomain.biz
Timeout per retry: 5 secs
Number of retries: 2
Number of addresses: 1
192.168.20.21
Options set: INIT RECURSE DEFNAMES
Options clr: DEBUG AAONLY USEVC PRIMARY IGNTC STAYOPEN DNSRCH

Query about 192.168.20.11 for record types PTR
Name: hrsrv.mydomain.locale
Address: 192.168.20.11


This is my named.conf section, and, as I said, only the first one is 
working fine:

zone "mydomain.locale" {
         type forward;
         forward only;
         forwarders { 192.168.20.21; };
};

zone "20.168.192.in-addr.arpa" {
         type forward;
         forward only;
         forwarders { 192.168.20.21; };
};

Any hint? Why does this work just with "host"? Thanks!

-- 
Alexander Fortin


