Reverse DNS on non-network .0 addresses

Mark_Andrews at isc.org Mark_Andrews at isc.org
Sun Feb 3 23:38:20 UTC 2002 

> I am able to do reverse on every other IP on the /24 block, just not .0

	Because that they didn't klugde the 0 addresses like they did the
	rest.

; <<>> DiG 8.3 <<>> 0.42.153.66.in-addr.arpa any @ns1.paetec.net 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;;	0.42.153.66.in-addr.arpa, type = ANY, class = IN

;; AUTHORITY SECTION:
42.153.66.in-addr.arpa.  1D IN SOA  ns1.paetec.net. dns.paetec.net. (
					2001090600	; serial
					8H		; refresh
					4H		; retry
					1W		; expiry
					1D )		; minimum


;; Total query time: 305 msec
;; FROM: drugs.dv.isc.org to SERVER: ns1.paetec.net  64.80.255.250
;; WHEN: Mon Feb  4 10:16:25 2002
;; MSG SIZE  sent: 42  rcvd: 96

> 
> When we acquired our /22 from our current provider I was having some issues
> with reverse DNS on the first half of the network.  When I noticed ARIN's
> whois information didn't show my company as providing reverse authority for
> the IP block, I put in a trouble ticket.  My current uplink assured me that
> they had delegated me authority for each of the zones.

	He hasn't delegated you authority for the 4 zones in question.

	He has delegated to you each of 1024 zones that correspond
	to the full in-addr.arpa names in this range minus the ones
	he has left out.

> Sure enough, I was/am able to do reverse on our delegated IP's.

	Which is only good luck as the current delegations are broken.
	Everyone looking up reverses in these zones will be logging
	"bad referral" messages.

> The only IP's I am having problems reversing are the non-network .0
> addresses (66.153.41.0 and 66.153.42.0).

	Good thing that something brought this to your attention so you
	can get it corrected.

> I noticed that with our old provider, who also provided us a /22, when I did
> a whois query on ARIN's whois servers it showed my uplink as the primary
> owners of the IP's and it had a section below it to denote that my company
> provided reverse authority for that block.  I guess I don't know enough
> about IP authority delegation yet to call and yell at my provider (maybe I
> dont need to).

	Your previous provide did the delegation correctly.

	Your current provider is lacking clue.  The nameservers
	listed in ARIN's whois and hence the DNS should be your
	servers.

	Mark
 
> Thanks guys,
> 
> Chris
> 
> ----- Original Message -----
> From: <Mark.Andrews at isc.org>
> To: "Chris Tata" <chris at madizm.org>
> Cc: "McNutt, Justin M." <McNuttJ at missouri.edu>; <bind-users at isc.org>
> Sent: Thursday, January 31, 2002 5:58 PM
> Subject: Re: Reverse DNS on non-network .0 addresses
> 
> 
> >
> > >
> > > Thanks for the quick reply!
> > >
> > > Here is the other relevant information in this situation:
> > >
> > > 66.153.40.0/22
> > >
> > > The zone I am doing reverse on:
> > > zone "42.153.66.in-addr.arpa"{ type master; file "66.153.42";
> > > allow-transfer{ 66.153.40.5; }; allow-update{ none;};};
> > >
> > > @               IN      SOA     ns.a1com.net.   hostmaster.a1com.net. (
> > >                         2002013102 ; serial
> > >                         86400 ; refresh
> > >                         3600 ; retry
> > >                         3600000 ; expire
> > >                         604800 ; default_ttl
> > >                         )
> > > @               IN      NS      ns.a1com.net.
> > > @               IN      NS      ns2.a1com.net.
> > > 0              IN      PTR     reverse.domain.com.
> > >
> > > Thanks,
> > >
> > > -chris
> > >
> > >
> >
> > Your upsteam doesn't know how to correctly get this space
> > delegated to you.  Telling you that you have to have each
> > individual address as a seperate zone is ridiculous.  They
> > should be co-ordinating the delegation with ARIN.  ARIN is
> > setup to handle sub delegations like this.  They deal with
> > them all the time.
> >
> > Get your ISP to talk to ARIN.
> >
> > Mark
> >
> > ; <<>> DiG 8.3 <<>> any 1.42.153.66.in-addr.arpa @ns2.paetec.net +norec
> > ; (1 server found)
> > ;; res options: init defnam dnsrch
> > ;; got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53096
> > ;; flags: qr ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
> > ;; QUERY SECTION:
> > ;; 1.42.153.66.in-addr.arpa, type = ANY, class = IN
> >
> > ;; ANSWER SECTION:
> > 1.42.153.66.in-addr.arpa.  1D IN NS  ns.a1com.net.
> > 1.42.153.66.in-addr.arpa.  1D IN NS  ns2.a1com.net.
> >
> > ;; AUTHORITY SECTION:
> > 1.42.153.66.in-addr.arpa.  1D IN NS  ns.a1com.net.
> > 1.42.153.66.in-addr.arpa.  1D IN NS  ns2.a1com.net.
> >
> > ;; ADDITIONAL SECTION:
> > ns.a1com.net. 1d6h3m37s IN A 66.153.40.3
> > ns2.a1com.net. 1d6h3m37s IN A 66.153.40.5
> >
> > ;; Total query time: 781 msec
> > ;; FROM: drugs.dv.isc.org to SERVER: ns2.paetec.net  64.80.255.251
> > ;; WHEN: Fri Feb  1 09:49:41 2002
> > ;; MSG SIZE  sent: 42  rcvd: 146
> >
> > --
> > Mark Andrews, Internet Software Consortium
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list