rDNS

Mark Andrews marka at isc.org
Fri Jan 20 23:36:44 UTC 2017 

In message <bed324186eba4d68a4fbf4513747edbd at mxph4chrw.fgremc.it>, "Darcy Kevin (FCA)" writes:
> I think the ISP may have done something untoward with 87.233.202.162.in-addr.arpa, since I'm 
> getting a NODATA response for that name, from the 233.202.162.in-addr.arpa zone, most probabl
> y because it's an empty non-terminal. But what would be under that, and why?

They just haven't put in a CNAME for the broadcast address.
 
; <<>> DiG 9.12.0-pre-alpha+hotspot+add-prefetch+marka <<>> 87.233.202.162.in-addr.arpa ptr
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57508
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: ca17d311c21b67e97ff0dfc358829ec97d7d5f968d33a429 (good)
;; QUESTION SECTION:
;87.233.202.162.in-addr.arpa.	IN	PTR

;; AUTHORITY SECTION:
233.202.162.in-addr.arpa. 3583	IN	SOA	ns1.swbell.net. postmaster.swbell.net. 2016061700 10800 900 604800 3600

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jan 21 10:35:37 EST 2017
;; MSG SIZE  rcvd: 145

Mark

> 		- Kevin
> 
> 
> -----Original Message-----
> From: bind-users [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Mark Andrews
> Sent: Friday, January 20, 2017 3:55 PM
> To: bind-users at isc.org
> Subject: Re: rDNS
> 
> 
> You have the netblock 162.202.233.80-162.202.233.87 (162.202.233.80/29).
> 
> When software performs a reverse lookup it constructs a DNS name from the address like 80.233
> .202.162.in-addr.arpa.  Now as the netblock is not a full /24 you either have to create 8 zon
> es, one for each PTR record, or provide records at those names which map the lookups to new n
> ames.  The later is what has been done here.
> The technique is described in RFC 2317.
> 
> ATT has delegated a zone for the first address in the address block to you.  That zone is cal
> led 80.233.202.162.in-addr.arpa.  It has then added CNAME records to map lookups for the rest
>  of the address in your address block into this zone.
> 
> e.g.
> 
> 81.233.202.162.in-addr.arpa. CNAME 81.80.233.202.162.in-addr.arpa.
> ...
> 86.233.202.162.in-addr.arpa. CNAME 86.80.233.202.162.in-addr.arpa.
> 
> The 80.233.202.162.in-addr.arpa zone should look like this.
> 
> $TTL 1h
> @	SOA	ns1.archaxis.net. me.archaxis.net. (
> 		2017012002 ; Serial
> 		1h ; Refresh
> 		1h ; Retry
> 		4w ; Expire
> 		1h ) ; Negative cashing TTL
> 	NS ns1.archaxis.net.
> 	NS ns2.archaxis.net.
> 	PTR network.archaxis.net.
> 81	PTR alpha.archaxis.net.
> 82	PTR bravo.archaxis.net.
> 87	PTR broadcast.archaxis.net.
> 
> I increased the expire field to 4 weeks as it was way too small.
> Note the reverse for 162.202.233.80 is NOT mapped to a new name so the PTR record for that ad
> dress is at the zone's apex.  As all the records had a TTL of 1 hour I set the default TTL to
>  that value and removed the per record setting of the TTL.  I also removed the class field as
>  that is inherited from the zone's declaration.
> 
> Don't forget to bump the zones serial when you install it.
> 
> Once you have the above sorted out and have tested it.  You now need to slave the zone 233.20
> 2.162.in-addr.arpa as that contains the CNAME records.  ATT should allow you to transfer it. 
>  If they don't find a ISP that knows what they are doing.  You need a local copy of the zone 
> so that when you link goes down you can still do reverse lookups.
> 
> zone "233.202.162.in-addr.arpa" {
> 	type slave;
> 	masters { 151.164.1.1; };
> 	file "233.202.162.in-addr.arpa";
> };
> 
> Mark
> 
> In message <20170120162146.GA14356 at fantomas.sk>, Matus UHLAR - fantomas writes:
> > On 20.01.17 09:57, Ron Wingfield wrote:
> > >   I am having difficulty configuring reverse DNS. This has been a
> > problem
> > >   for over a year between my server(s) and my ISP, AT&T. Specifically, I
> > >   cannot eMail to any recipient that requires rDNS verification, e.g.,
> > >   SBCglobal.net, Comcast.net, or AOL. Very frustrating.
> >
> > >   . . .why shouldnt this point to my server, 162.202.233.81 and not
> > >   AT&Ts?
> >
> > because reverse domains are also tracked from the DNS root:
> >
> > 233.202.162.in-addr.arpa.	7200	IN      SOA	ns1.swbell.net.
> > postmaster.swbell.net. 2016061700 10800 900 604800 3600
> >
> > 81.233.202.162.in-addr.arpa.	7200	IN	CNAME	
> > 81.80.233.202.162.in-addr.arpa.
> >
> > >   I have coded my BIND 9 in-addr.arpa zone file as follows:
> > >
> > >   $ORIGIN 233.202.162.in-addr.arpa.
> >
> > stop defining $ORIGIN in zone file. the $ORIGIN is taken from named "zone"
> > statement.
> >
> > According to those above you have to configure zone 
> > 80.233.202.162.in-addr.arpa.
> > and adk swbell.net to fetchit from you.
> >
> > >   $TTL 3h
> > >   @ IN SOA ns1.archaxis.net. me.archaxis.net. (
> > >    2017012002 ; Serial
> > >    1h ; Refresh
> > >    1h ; Retry
> > >    1h ; Expire
> > >    1h ) ; Negative cashing TTL
> > >
> > >    3600 IN NS ns1.archaxis.net.
> > >    3600 IN NS ns2.archaxis.net.
> > >
> > >   80 3600 IN PTR network.archaxis.net.
> > >   81 3600 IN PTR alpha.archaxis.net.
> > >   82 3600 IN PTR bravo.archaxis.net.
> > >   87 3600 IN PTR broadcast.archaxis.net.
> > >
> > >   What is wrong? Is this my problem, or with AT&T?
> >
> >
> >
> > --
> > Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> > Warning: I wish NOT to receive e-mail advertising to this address.
> > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> > Spam is for losers who can't get business any other way.
> > _______________________________________________
> > Please visit https://lists.isc.org/mailman/listinfo/bind-users to 
> > unsubscribe from this list
> >
> > bind-users mailing list
> > bind-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> 
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list