PTR record handling in a subnetted network

Mark.Andrews at nominum.com Mark.Andrews at nominum.com
Fri Mar 2 23:22:29 UTC 2001


> 
> Concerns:   Handling of PTR records in BIND 9.1.0 in a subnetted network,
>             to be precise, 194.154.217.224/28
> 
> Question:   No precise question, but does anyone have a comment on my
>             big question mark at the end?
> 
> Background: This is a subsubnet in subnet 194.154.192.0/19 owned by the
>             local telecom provider, P&TLuxembourg.
> 
>             I have recently replaced bind 8 by bind 9, and started looking
>             for no particular reason at the reverse lookup, which I
> inherited
>             from the previous sysop.
> 
> We see the following in the reverse lookup database record:
> 
> -------------------
> $TTL 28800
> $ORIGIN 217.154.194.in-addr.arpa.
> 224             IN      SOA     dns1.synapse.lu. dnsadmin.synapse.lu. (
>                 2001020406 28800 7200 604800 86400 )
>                 IN      NS      dns1.synapse.lu.
>                 IN      NS      dns2.synapse.lu.
> $ORIGIN 224.217.154.194.in-addr.arpa.
> 225             IN      PTR     dns1.synapse.lu.
> (etc)
> --------------------
> 
> This worked for bind 8 and also works for bind 9, but it's not how
> things should be according to RFC2317
> 
>   http://www.cis.ohio-state.edu/htbin/rfc/rfc2317.html
> 
> Notice the second $ORIGIN which actually gives the base address of my
> network. Question: do I have to set it up like this because my
> provider is doing something wrongly/weirdly? I tried some other approaches
> but mainly got 'out of zone' errors from BIND.
> 
> Using the above setup, I do:
> 
> ---------------------
> host -v 194.154.217.225
> Trying "225.217.154.194.in-addr.arpa."
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44026
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
> 
> ;; QUESTION SECTION:
> ;225.217.154.194.in-addr.arpa.  IN      PTR
> 
> ;; ANSWER SECTION:
> 225.217.154.194.in-addr.arpa. 68781 IN  CNAME
> 225.224.217.154.194.in-addr.arpa.
> 225.224.217.154.194.in-addr.arpa. 28800 IN PTR  dns1.synapse.lu.
> 
> ;; AUTHORITY SECTION:
> 224.217.154.194.in-addr.arpa. 28800 IN  NS      dns2.synapse.lu.
> 224.217.154.194.in-addr.arpa. 28800 IN  NS      dns1.synapse.lu.
> 
> ;; ADDITIONAL SECTION:
> dns1.synapse.lu.        28800   IN      A       194.154.217.225
> dns2.synapse.lu.        28800   IN      A       194.154.217.229
> 
> Received 162 bytes from 127.0.0.1#53 in 4 ms
> ---------------------
> 
> Or, more briefly:
> 
> ---------------------
> $host 194.154.217.225
> 225.217.154.194.in-addr.arpa. is an alias for
> 225.224.217.154.194.in-addr.arpa.
> 225.224.217.154.194.in-addr.arpa. domain name pointer dns1.synapse.lu.
> ---------------------
> 
> Question: *Who* says that
> 
> "225.217.154.194.in-addr.arpa. 68781 IN  CNAME
> 225.224.217.154.194.in-addr.arpa."
> 
> because it's definitely not my nameserver...is it?

	217.154.194.in-addr.arpa.  23h58m49s IN NS  ns2.pt.lu.
	217.154.194.in-addr.arpa.  23h58m49s IN NS  ns1.pt.lu.

	Actually you should also be serving 217.154.194.in-addr.arpa so
	that when your connection goes down you can resolve your addresses
	locally.  Make yourself a slave for 217.154.194.in-addr.arpa.

> 
> 
> Thanks in advance for any answer.
> 
> -- David Tonhofer
> 
> 
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at nominum.com


More information about the bind-users mailing list