Reverse lookups no longer work??

Kevin Darcy kcd at daimlerchrysler.com
Sat May 19 01:59:54 UTC 2001


Lame servers, bad referrals and "NS points to CNAME" are almost invariably
problems with other people's DNS data, not a problem with your nameserver
configuration, your zone data, or your network.

Regular query timeouts won't show up in your syslog by default. My advice
would be to turn on server debugging while you're experiencing the problem.
If you see lots of "retry" messages in the debug output, take note of which
addresses are failing. Maybe you or your ISP has some sort of routing
problem.


- Kevin

brian at isightinc.com wrote:

> It seems reverse lookups are no longer working.  My websites were
> greatly slowed until I turned off HostnameLookups, I can't login via
> FTP, and SSH is slow.  I figure it's one of two problems.  1.)  My named
> is somehow screwed up.  2.)  It's my ISPs problem.  Because the IPs I
> have were allocated to my ISP, not me, the reverse IP-to-domainname
> lookups go through his server.  So I'm thinking that may be the source
> of the problem.
>
> Here's what my syslog looks like:
>
> May 17 19:28:35 www PAM_pwdb[658]: (sshd) session closed for user
> pgallery
> May 17 19:28:37 www named[431]: bad referral (in-addr.arpa !<
> 233.148.in-addr.arpa) from [200.33.150.193].53
> May 17 19:29:13 www last message repeated 18 times
> May 17 19:29:13 www last message repeated 8 times
> May 17 19:29:14 www named[431]: Lame server on
> '129.86.25.200.in-addr.arpa' (in '86.25.200.in-addr.arpa'?):
> [200.25.58.4].53 'GAITANA.INTERRED.NET.CO'
> May 17 19:29:15 www named[431]: Lame server on
> '129.86.25.200.in-addr.arpa' (in '86.25.200.in-addr.arpa'?):
> [200.25.100.3].53 'NS.CETCOL.NET.CO'
> May 17 19:29:15 www named[431]: ns_forw:
> query(129.86.25.200.in-addr.arpa) All possible A RR's lame
> May 17 19:29:18 www ftpd[795]: FTP session closed
> May 17 19:29:19 www named[431]: bad referral (in-addr.arpa !<
> 233.148.in-addr.arpa) from [200.33.150.193].53
> May 17 19:30:21 www last message repeated 27 times
> May 17 19:30:28 www last message repeated 17 times
> May 17 19:31:11 www named[431]: Lame server on
> '185.244.88.24.in-addr.arpa' (in '244.88.24.in-addr.arpa'?):
> [24.30.201.3].53 'DNS2.RR.COM'
> May 17 19:31:11 www named[431]: Lame server on
> '185.244.88.24.in-addr.arpa' (in '244.88.24.in-addr.arpa'?):
> [24.30.200.3].53 'DNS1.RR.COM'
> May 17 19:31:28 www named[431]: bad referral (67.10.61.in-addr.arpa !<
> 47.67.10.61.in-addr.arpa) from [61.10.0.130].53
> May 17 19:31:28 www named[431]: bad referral (67.10.61.in-addr.arpa !<
> 47.67.10.61.in-addr.arpa) from [61.10.0.130].53
> May 17 19:32:01 www named[431]: Lame server on
> '56.48.45.12.in-addr.arpa' (in '48.45.12.in-addr.arpa'?):
> [12.127.16.69].53 'cmtu.mt.ns.els-gms.att.net'
> May 17 19:32:01 www named[431]: Lame server on
> '56.48.45.12.in-addr.arpa' (in '48.45.12.in-addr.arpa'?):
> [199.191.128.105].53 'cbru.br.ns.els-gms.att.net'
> May 17 19:39:07 www named[431]: "207.93.24.in-addr.arpa IN NS" points to
> a CNAME (akron5.neo.lrun.com)
> May 17 19:39:53 www named[431]: Lame server on
> '165.109.152.216.in-addr.arpa' (in '109.152.216.in-addr.arpa'?):
> [198.6.1.82].53 'AUTH02.NS.UU.NET'
> May 17 19:41:27 www named[431]: Lame server on
> '109.98.83.209.in-addr.arpa' (in '98.83.209.in-addr.arpa'?):
> [207.170.7.6].53 'NS2.NORLIGHT.NET'
> May 17 19:41:27 www named[431]: Lame server on
> '109.98.83.209.in-addr.arpa' (in '98.83.209.in-addr.arpa'?):
> [207.170.3.6].53 'NS1.NORLIGHT.NET'
> May 17 19:41:27 www named[431]: ns_forw:
> query(109.98.83.209.in-addr.arpa) All possible A RR's lame
> May 17 19:42:14 www named[431]: Lame server on
> '152.158.36.62.in-addr.arpa' (in '36.62.in-addr.arpa'?):
> [193.0.0.193].53 'ns.ripe.net'
> May 17 19:45:11 www named[431]: Lame server on
> '194.201.217.193.in-addr.arpa' (in '201.217.193.in-addr.arpa'?):
> [193.216.69.10].53 'ns.tele2.no'
> May 17 19:46:51 www named[431]: Lame server on
> '11.47.138.212.in-addr.arpa' (in '47.138.212.in-addr.arpa'?):
> [212.26.18.3].53 'ns1.isu.net.sa'
> May 17 19:47:05 www named[431]: "66.39.200.in-addr.arpa IN NS" points to
> a CNAME (dns1.nextgeninter.net.mx)
> May 17 19:47:05 www named[431]: "66.39.200.in-addr.arpa IN NS" points to
> a CNAME (dns2.nextgeninter.net.mx)
> May 17 19:47:06 www named[431]: ns_forw:
> query(11.47.138.212.in-addr.arpa) NS points to CNAME
> (public.isu.net.sa:) learnt (CNAME=212.26.18.3:NS=192.36.125.2)
> May 17 19:47:11 www ftpd[829]: User unknown timed out after 900 seconds
> at Thu May 17 19:47:11 2001
>
> It seems no lookups work anymore.  Does anyone have a clue what might be
> causing the problem?  Please go easy on me.  I'm a named, bind, DNS
> newbie.
>
> Thanks,
>
> Brian
>
> --
> Posted from falcon.mail.pas.earthlink.net [207.217.120.74]
> via Mailgate.ORG Server - http://www.Mailgate.ORG





More information about the bind-users mailing list