Problem with Classless IN-ADDR.ARPA delegation

Mark Damrose mdamrose at elgin.cc.il.us
Wed Jan 9 21:30:47 UTC 2002 

You included the wrong snippet from named.conf, but aside from that I can't
see anything wrong with your setup.  When I query your server, I get the
answers I expect.

The one thing I do see is that the servers for 66.68.195.in-addr.arpa.
delegate 1-27.66.68.195.in-addr.arpa. to www.ebi-fr.com.  www.ebi-fr.com is
a CNAME to srv-web.ebi-fr.com.  NS records should point to A records.
Either make www.ebi-fr.com an A record, or have the owners of
66.68.195.in-addr.arpa. delegate to srv-web.ebi-fr.com.

"Guillaume Laurès" <glaures at ebi-fr.com> wrote in message
news:a1i35t$6je at pub3.rc.vix.com...
> Hello to everybody,
>
> I used to have a working config for classless delegation, but now it
> doesn't work anymore (worked about 5 monthes).
> I didn't change the config (as far as I remember), did not upgrade bind
> (or maybe ?).
> Well, I don't remember what could have caused the trouble since I made
> some changes some time ago but I discovered the problem only now.
>
> Here is the setup: I have the 195.68.66.0/28 subnet delegated from my
> ISP (have other w/ the same problem but let's keep it simple), and we
> have choosed to run our own name server on those addresses
>
> bind version is :
> [root at srv-web /root]# named -v
> named 8.2.3-REL Sat Jan 27 05:11:05 EST 2001
>
prospector at porky.devel.redhat.com:/usr/src/bs/BUILD/bind-8.2.3/src/bin/named
>
>
>
> I have the following config in named.conf:
> zone "32-28.64.68.195.in-addr.arpa" {
>         type master;
>         file "195.68.64.32-28.rev";
>         };
>
>
>
> The zone file looks like this:
> $ttl 600
> 1-27.66.68.195.in-addr.arpa.    IN      SOA     srv-web.ebi-fr.com.
> administrateur.ebi-fr.com. (
>                         993755287
>                         21600
>                         3600
>                         604800
>                         600 )
> 1-27.66.68.195.in-addr.arpa.    IN      NS      srv-web.ebi-fr.com.
> 1.1-27.66.68.195.in-addr.arpa.  IN      PTR     travaux.pratique.fr.
> 2.1-27.66.68.195.in-addr.arpa.  IN      PTR     newsletter.ebi-fr.com.
> ...
> 30.1-27.66.68.195.in-addr.arpa. IN      PTR     gw.ebi-fr.com.
> 31.1-27.66.68.195.in-addr.arpa. IN      PTR
> host66-31.lan-ls.imaginet.fr.
>
>
>
> And here is the log of my bind starting:
> Jan  9 19:28:56 srv-web named[7805]: starting (/etc/named.conf).  named
> 8.2.3-REL Sat Jan 27 05:11:05 EST 2001
>
^Iprospector at porky.devel.redhat.com:/usr/src/bs/BUILD/bind-8.2.3/src/bin/nam
ed
> Jan  9 19:28:56 srv-web named[7805]: load: info: hint zone "" (IN)
> loaded (serial 0)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "32-28.64.68.195.in-addr.arpa" (IN) loaded (serial 99375531)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "1-27.66.68.195.in-addr.arpa" (IN) loaded (serial 993755287)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "cfmp.tm.fr" (IN) loaded (serial 993757043)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "ebi-fr.com" (IN) loaded (serial 993755137)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "esf-editeur.fr" (IN) loaded (serial 993757224)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "groupe-strategies.fr" (IN) loaded (serial 993757379)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "groupe-strategies.com" (IN) loaded (serial 993757378)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone "lra.fr"
> (IN) loaded (serial 993755125)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "pratique.fr" (IN) loaded (serial 993757597)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "strategies-online.com" (IN) loaded (serial 993757377)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "strategieseurope.com" (IN) loaded (serial 993757377)
> Jan  9 19:28:56 srv-web named[7805]: load: info: master zone
> "forum-emplois.com" (IN) loaded (serial 993757382)
> Jan  9 19:29:19 srv-web named[7805]: load: info: slave zone
> "rbl-plus.mail-abuse.org" (IN) loaded (serial 1010592879)
> Jan  9 19:29:19 srv-web named[7805]: default: info: listening on
> [195.68.66.4].53 (eth0)
> Jan  9 19:29:19 srv-web named[7805]: default: info: Forwarding source
> address is [0.0.0.0].53
> Jan  9 19:29:19 srv-web named[7814]: security: info: group = 25
> Jan  9 19:29:19 srv-web named[7814]: security: info: user = named
> Jan  9 19:29:19 srv-web named[7814]: default: notice: Ready to answer
> queries.
> jan  9 19:29:19 srv-web named: named startup succeeded
>
>
>
> Now why I say it don't work ?
> - connecting to ftp sites takes a long time, just like if reverse dns
> check didn't worked
> - asking for reverse lookup of one address from an external host don't
> work:
> chr at gw:~$ nslookup 195.68.66.2
> Note:  nslookup is deprecated and may be removed from future releases.
> Consider using the `dig' or `host' programs instead.  Run nslookup with
> the `-sil[ent]' option to prevent this message from appearing.
> Server:         193.252.19.3
> Address:        193.252.19.3#53
>
> ** server can't find 2.66.68.195.in-addr.arpa: SERVFAIL
>
>
>
> whereas straight lookup works:
> chr at gw:~$ nslookup newsletter.ebi-fr.com
> Note:  nslookup is deprecated and may be removed from future releases.
> Consider using the `dig' or `host' programs instead.  Run nslookup with
> the `-sil[ent]' option to prevent this message from appearing.
> Server:         193.252.19.3
> Address:        193.252.19.3#53
>
> Name:   newsletter.ebi-fr.com
> Address: 195.68.66.2
>
>
>
> For those who prefer host:
> chr at gw:~$ host 195.68.66.2
> Nameserver not responding
> 195.68.66.2 PTR record not found, try again
>
> chr at gw:~$ host newsletter.ebi-fr.com
> newsletter.ebi-fr.com   A       195.68.66.2
>
>
>
> - and strangely my server don't feel being authoritative for the
> sub-zones:
> [root at srv-web /root]# dig @195.68.66.4 soa 0-28.66.68.195.in-addr.arpa.
>
> ; <<>> DiG 8.3 <<>> @195.68.66.4 soa 0-28.66.68.195.in-addr.arpa.
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;; 0-28.66.68.195.in-addr.arpa, type = SOA, class = IN
>
> ;; AUTHORITY SECTION:
> 66.68.195.in-addr.arpa.  10M IN SOA  moria.imaginet.fr.
> named-mgr.imaginet.fr. (
> 2001071901 ; serial
> 6H ; refresh
> 1H ; retry
> 1W ; expiry
> 10M ) ; minimum
>
>
> ;; Total query time: 4235 msec
> ;; FROM: srv-web.ebi-fr.com to SERVER: 195.68.66.4
> ;; WHEN: Wed Jan  9 19:36:56 2002
> ;; MSG SIZE  sent: 45  rcvd: 108
>
>
> moria.imaginet.fr is my ISP's dns server for 66.68.195.in-addr.arpa.
>
>
> I feel it to be a bit long, but I hope I provided as much information as
> possible to troubleshoot the issue.
>
> Thanks to anybody who can help !!
>
>
> Regards
>
>
> --
> Guillaume Laurès
> Responsable Systèmes et Techniques - EBI
> Tel [33](0)1 46 29 68 24
> Mob [33](0)6 07 24 55 60
> Fax [33](0)1 46 29 46 15
>
>
>

More information about the bind-users mailing list