Quick reverse dns zone question
Doug Barton
dougb at dougbarton.us
Fri Jan 25 23:03:30 UTC 2013
On 1/25/2013 2:56 PM, Mauricio Tavares wrote:
> so I want to define a reverse dns zone to handle 172.16.101.64/27. In
> the named.conf file I set:
>
> acl bogusnets {
>     0.0.0.0/8;
>     1.0.0.0/8;
>     2.0.0.0/8;
>     192.0.2.0/24;
>     224.0.0.0/3;
>     10.0.0.0/8;
>     !172.16.101.64/27;
>     172.16.0.0/12;
>     192.168.0.0/16;
> };
>
> [...]
> // 172.16.101.64/27
> // zone "101.16.172.in-addr.arpa" IN {
> // zone "64/27.101.16.172.in-addr.arpa" IN {
> zone "64-27.101.16.172.in-addr.arpa" IN {
>     type master;
>     file "/etc/bind/64-27.101.155.216.in-addr.arpa.zone";
> };
>
> but when I try to get, say, the fqdn for 172.16.191.84 (using dig or
> nslookup pointed at the above dns), I get
>
> Jan 17 15:52:05 mirror named[4078]: client 172.16.101.84#59786: RFC 1918
> response from Internet for 66.101.16.172.in-addr.arpa
>
> Since I know that if I use zone "101.16.172.in-addr.arpa" IN { it
> works as it should, I must believe it is ignoring my reverse zone and
> asking the big wide world to resolve my request. I thought that
> starting the zone with either 64-27 or 64/27 would define my
> less-than-class-C network (172.16.101.64/27).
It does, but unless the 2317 zone is delegated to you, your resolver has
no way to know that. See https://dougbarton.us/DNS/2317.html for more
information.
Doug
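
Added example, not part of the original thread or of the page linked above: a Python sketch of the records the parent zone (101.16.172.in-addr.arpa) has to carry before a resolver can reach the 64-27 child zone, and of the name a PTR query for an address in the block actually asks for. The name server ns1.example.net. and both function names are assumptions made for illustration.

```python
import ipaddress

def rfc2317_parent_records(cidr, nameservers, sep="-"):
    """Return (parent zone, child zone, records the parent zone must hold)."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or not 24 < net.prefixlen < 32:
        raise ValueError("classless delegation applies to IPv4 /25 through /31")
    o = net.network_address.packed                 # the four address octets
    parent = f"{o[2]}.{o[1]}.{o[0]}.in-addr.arpa."
    child = f"{o[3]}{sep}{net.prefixlen}.{parent}"
    # NS records hand the child label over to whoever runs the sub-/24 block.
    records = [f"{child} IN NS {ns}" for ns in nameservers]
    # One CNAME per usable host address points the normal reverse name
    # into the child zone; without these the child zone is never consulted.
    for addr in net.hosts():
        last = addr.packed[3]
        records.append(f"{last}.{parent} IN CNAME {last}.{child}")
    return parent, child, records

def ptr_lookup_path(ip, cidr, sep="-"):
    """Return (name the resolver queries, CNAME target in the child zone or None)."""
    addr = ipaddress.ip_address(ip)
    qname = addr.reverse_pointer + "."             # always the plain 4-label form
    if addr not in ipaddress.ip_network(cidr):
        return qname, None
    _, child, _ = rfc2317_parent_records(cidr, [], sep)
    return qname, f"{addr.packed[3]}.{child}"

if __name__ == "__main__":
    # Constructed sample input: the /27 from the question, placeholder name server.
    parent, child, recs = rfc2317_parent_records(
        "172.16.101.64/27", ["ns1.example.net."])
    print(f"; add to zone {parent}")
    print("\n".join(recs[:3]), "\n; ...")
    print(ptr_lookup_path("172.16.101.84", "172.16.101.64/27"))
```

The query name never contains the 64-27 label, so a server that is authoritative only for the child zone treats the lookup as outside its zones and recurses, which is the behaviour behind the logged "RFC 1918 response from Internet" message.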