"Unrelated Additional Info" from Windows 2000 Active Directory servers

Kevin Darcy kcd at daimlerchrysler.com
Wed Oct 3 21:22:00 UTC 2001


Adam Hooper wrote:

> Thanks for replying!
>
> > -----Original Message-----
> > From: bind-users-bounce at isc.org
> > [mailto:bind-users-bounce at isc.org] On Behalf Of Kevin Darcy
> > Sent: Tuesday, October 02, 2001 5:47 PM
> > To: bind-users at isc.org
> > Subject: Re: "Unrelated Additional Info" from Windows 2000
> > Active Directory servers
> >
> >
> >
> > Adam Hooper wrote:
>
> > > The internal win2k server "resin" also handles reverse DNS
> > lookups for
> > > domainB. Here's the entry for that forward in named.conf:
> > >
> > > zone "1.168.192.in-addr.arpa" in {
> > >         type forward;
> > >         check-names ignore;
> > >         forward first;
> > >         forwarders { 192.168.1.202; };
> > >         file "rev.1.168.192";
> > > };
> >
> > "Type forward" zones don't have a "file". What would you even
> > put into that file? You're forwarding all of the queries you
> > get for the domain, so there is no reason to have a file.
>
> Heh, knew someone would pick up on that. I probably did the wrong thing
> here, but it seems to work. When a computer queries carbon,
> 192.168.1.201, for any IP, carbon does an nslookup on itself (I think)
> and for some reason doesn't check resin even though it's supposed to be
> forwarded. The result: Every nslookup takes 2 seconds and while the
> response comes through, there's a nice error message along with each
> one.
>
> Nobody here really knows what's going on since we're not that familiar
> with DNS. However, this seems to work so we left it alone: we simply
> made a zone file with only carbon, 192.168.1.201, in it. Is there a
> better way to do this?

Well, why don't you just get your PTR record added on the master?

If for some reason you _must_ retain control of that particular
PTR record, the only reasonable way to do so is to get it delegated as a
zone by itself, or for the parent zone to alias the in-addr.arpa name to a
name in a zone you control. Read RFC 2317 to get the general gist of how
to do so-called "classless in-addr.arpa delegation".


- Kevin




More information about the bind-users mailing list