.in-addr.arpa bad referrals

Barry Margolin barmar at genuity.net
Thu Dec 20 15:46:22 UTC 2001


In article <9vrc6v$r0q at pub3.rc.vix.com>,
John Oliver  <john.oliver at hosting.com> wrote:
>
>Barry Margolin wrote:
>> 
>> In article <9vqtb5$ouj at pub3.rc.vix.com>,
>> John Oliver  <john.oliver at hosting.com> wrote:
>> >
>> >Occasionally, I get bad referrals for the rDNS for one customer...
>> >
>> >Dec 19 12:02:53 ns named[13292]: bad referral (50.120.216.in-addr.arpa
>> >!< 200.50.120.216.in-addr.arpa) from [216.120.50.250].53
>> >
>> >rDNS *does* work, though.  Their DNS is set up the same way as all the
>> >others I manage... the authoritative nameservers NS the records to the
>> >customers' nameserver.
>> 
>> He configured his server as master for the whole 50.120.216.in-addr.arpa
>> domain, not just the 200.50.120.216.in-addr.arpa subdomain:
>
>True.  But reverse resolution worked, and works (without bad referrals)
>for several other people set up that way.

It probably depends on whether the customer's nameserver includes the
domain's NS records in the Authority Records section of its responses.
Many nameservers don't, so your server doesn't see the upward referral.

>I just went through that RFC.  I altered 50.120.216.in-addr.arpa on the
>master to read like it says, and... now it doesn't work at all :-( 
>Here's the relevant details...
>
>Is there a change that needs to be made to the master zone to work with
>this scheme?

The customer has to rename the zone to whatever you called the subdomain.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.


More information about the bind-users mailing list