Reverse lookups not working when Internet connection failed.
Matus UHLAR - fantomas
uhlar at fantomas.sk
Sun Nov 6 13:39:23 UTC 2022
On 05.11.22 09:58, David Alexandre M. de Carvalho via bind-users wrote:
>Thank you all for the replies.
>For what I understand after reading your replies (I might be wrong :) ), reverse lookups fail when I have no outgoing
>connection because some caching or or transfer is needed from 66.136.193.in-addr.arpa. , wich I don't control. This
>is divided in several networks, 2 of them under my control.
correct. Admin of that zone is supposed to:
1. create proper CNAME records:
0.66.136.193.in-addr.arpa. CNAME 0.0-28.66.136.193.in-addr.arpa.
...
15.66.136.193.in-addr.arpa. CNAME 15.0-28.66.136.193.in-addr.arpa.
2. delegate 0-28.66.136.193.in-addr.arpa. to your servers, make their
servers secondary for this zone (optional)
3. allow your servers to to fetch 66.136.193.in-addr.arpa.
step 1. creates proper aliases
step 2. creates working delegation
step 3. allows you to see reverse records when your connection is down.
alternatively they can choose to 0/28.66.136.193.in-addr.arpa. or 0-15.66.136.193.in-addr.arpa.
instead of 0-28.66.136.193.in-addr.arpa.
>I'll have to read more carefully your suggestions to see if I find an
>alternative way to achieve this only by modifying my zone files, without
>messing up my current setup. I'll let you know how it goes.
>> On 11/4/22 2:07 PM, Mark Andrews wrote:
>>> Any ISP that offers these delegations should be allowing their
>>> customers to transfer the zone that contains the CNAMEs for the
>>> customer address space by default.
>>
>> I've had enough trouble getting ISPs to support 2317 delegation period.
>> I think that asking them to allow me to do a zone transfer would have
>> been a hard no.
>>
>> I certainly don't think this would be allowed /by/ /default/.
>>
>> I just checked and § 5.1 of RFC 2317 mentioned having the parent do a
>> secondary zone transfer of the child zone. But I don't see any mention
>> of the child doing a secondary zone transfer of the parent zone.
>>
>> I think that would be a good idea.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Emacs is a complicated operating system without good text editor.
More information about the bind-users
mailing list