Who is authoritative?

Wed Apr 5 21:00:01 UTC 2000

I appreciate your insight. I am teaching this to myself from a book, and
some newsgroup postings, faq's etc (like everyone else I assume) and some
things just aren't making sense. I will indeed read the rfc. I had never
heard of using a dash or slash in a filename like that, but I will no doubt
understand when I read the rfc. (I hope!)

Thanx again, I certainly  wouldn't consider it a flame to have more great
pointers like that fired off my way.

Bruce Meyer

"Kevin Darcy" <kcd at daimlerchrysler.com> wrote in message
news:38EA9534.987D1219 at daimlerchrysler.com...
> Why did things come "to a screeching halt"? *How* did they come to a
screeching
> halt? Seems like it should have worked. The reverse for 208.60.126.129,
for
> instance, is aliased to 129.128.126.60.208.in-addr.arpa, so if you had the
> 128.126.60.208.in-addr.arpa zone configured correctly (and yes, it is
properly
> delegated to ns.rocsoft.net), and a PTR in that zone pointing to the
correct
> name, then that reverse should have resolved as expected. If you want some
more
> insight into how all of this is supposed to work, then read RFC 2317 or
> (re-)read _DNS_and_BIND_ , pages 217-218, where this is explained. The
only
> thing that's a little offbeat about your ISP's implementation is that they
are
> using just a plain number, e.g. 128, to indicate the address range, as
opposed
> to the "dash", e.g. 128-255, notation used in the _DNS_and_BIND_ example,
or
> the "slash" used in the RFC examples. But it's the same basic principle.
>
> Who IS supposed to be authoritative? Depends on what zone you're talking
about.
> *They* must be authoritative for the third-octet level in-addr.arpa zone,
e.g.
> 126.60.208.in-addr.arpa, but *you* must be authoritative for whatever zone
> contains the targets of the aliases they have created in that zone. Since
the
> aliases are pointing to names in the 128.126.60.208.in-addr.arpa zone,
then
> that's what you must be authoritative for, just like the lady said...
>
>
> - Kevin
>
> Bruce D. Meyer wrote:
>
> > I am frustrating over a getting my dns (8.x) to be perfect. (ISP) Our
zones
> > come from our upstream, Bellsouth.net.
> >
> > I have this mishmash of IP blocks:
> > 205.152.63.65-73
> > 207.203.142.1-64
> > 208.60.126.128-255
> > 209.149.176.1-255
> > 216.77.134.1-128
> >
> > I have everything from ascends, portmaster, servers, workstations, etc
on
> > these blocks.
> >
> > My question is, what is the correct way of naming my zone files?
> >
> > currently, I have :176.149.209.rev
> > 134.77.216.rev
> > 142.203.207.rev
> >
> > type names.
> >
> > Bellsouth's DNS admin, tells me I am claiming to be authoritative for my
> > zones.
> > She says that until I allow her DNS servers to be authoritative, she
can't
> > do zone updates etc. (One of her servers is about 5-6 months out of date
> > with mine, but oddly the rest are usually in sync...) She sent me an
example
> > once, telling me to rename my zone files as such:
> >  0.176.149.209.in-addr.arpa
> > 0.134.77.216.in-addr.arpa
> > 0.142.203.207.in-addr.arpa
> >
> > to be exact, I am quoting her text to me. (We user *.rev files)
> > When you get the idea, scroll to the end for what happened:
> >
> > -----x-snip -x--------------
> > These are the entries in your named.conf file that need to be
> > >>replaced:
> > >>>>>>>>
> > >>>>>>>>zone "142.203.207.in-addr.arpa" {
> > >>>>>>>> type master;
> > >>>>>>>> file "207.203.142.rev";
> > >>>>>>>>};
> > >>>>>>>>
> > >>>>>>>>zone "134.77.216.in-addr.arpa" {
> > >>>>>>>> type master;
> > >>>>>>>> file "216.77.134.rev";
> > >>>>>>>>};
> > >>>>>>>>
> > >>>>>>>>zone "63.152.205.in-addr.arpa" {
> > >>>>>>>> type master;
> > >>>>>>>> file "205.152.63.rev";
> > >>>>>>>>};
> > >>>>>>>>
> > >>>>>>>>zone "126.60.208.in-addr.arpa" {
> > >>>>>>>> type master;
> > >>>>>>>> file "208.60.126.rev";
> > >>>>>>>>};
> > >>>>>>>>
> > >>>>>>>>
> > >>>>>>>>They should be replaced with the following:
> > >>>>>>>>
> > >>>>>>>>zone "0.142.203.207.in-addr.arpa" {
> > >>>>>>>> type master;
> > >>>>>>>> file "207.203.142.rev";
> > >>>>>>>>};
> > >>>>>>>>
> > >>>>>>>>zone "0.134.77.216.in-addr.arpa" {
> > >>>>>>>> type master;
> > >>>>>>>> file "216.77.134.rev";
> > >>>>>>>>};
> > >>>>>>>>
> > >>>>>>>>zone "64.63.152.205.in-addr.arpa" {
> > >>>>>>>> type master;
> > >>>>>>>> file "205.152.63.rev";
> > >>>>>>>>};
> > >>>>>>>>
> > >>>>>>>>zone "128.126.60.208.in-addr.arpa" {
> > >>>>>>>> type master;
> > >>>>>>>> file "208.60.126.rev";
> > >>>>>>>>};
> > >>>>>>>>
> >
> > When I implemented her fix, everything on our network came to a
screeching
> > halt. I put things back, and the worked again..
> >
> > I am not interested in having a battle, I would truly like to learn the
> > error of my dns ways, and fix things. It's been almost two months, and I
> > still cannot find an example of how she is telling me to implement this
on
> > the net on deja, mr Dns,  http://www.intac.com/~cdp/cptd-faq/, in the
> > O'Reilly DNS & Bind book, etc. I have tried DNS Expert (Real useful, but
> > can't afford it) and I use dnswalk everyday. (real nice)
> >
> > And the final question is:
> >
> > Who IS supposed to be authoritative?
> >
> > her original response to this is:
> > >In response to your request below, I've delegated authority over
> > >your IP block 208.60.126.128/25 to your primary DNS server and our
> > >secondary DNS servers. However, we are unable to perform zone transfers
for
> > this IP block
> > >because
> > >the primary DNS server believes itself to be authoritative for the
> > >entire class C rather than the smaller block thereof.
> >
> > So, both sides of the loooong story.
> >
> > Any and all help would be greatly appreciated.
> > At this point, flames might even be useful....
> >
> > Bruce Meyer
> > RocSoft, Inc.
>
>
>
>
>
>