Problems with classless reverse delegation

Kevin Darcy kcd at daimlerchrysler.com
Fri Jan 3 23:21:46 UTC 2003


John Oliver wrote:

>Yes, I've been Googling... :-)  I think that the ISP that's
>authoritative for the addresses in question might be doing something
>wrong, but I'm not sure.
>
>I have 209.68.231.0/29  The authoritative DNS server, ns.cts.com,
>supposedly has the NS and CNAME records... the hostmaster swears they're
>there and correct.  Nothing that I do on my end makes this work, but,
>then again, I've *never* made this work :-(  I just haven't really cared
>until now.
>
>My named.conf entry:
>
>zone "0-29.231.68.209.in-addr.arpa" {
>        type master;
>        file "zone/231.68.209.0-29";
>};
>
>And the zone file:
>
>[joliver at ns joliver]$ cat /var/named/zone/231.68.209.0-29
>$TTL 3600
>;0-29.231.68.209.in-addr.arpa.
>@               IN      SOA     ns.sdsitehosting.net.
>hostmaster.sdsitehosting.net. (
>                2003010302      ; serial number
>                3600 1200 1209600 3600 )
>                IN      NS      ns.sdsitehosting.net.
>
>1               IN      PTR     hosting-gw.home.john-oliver.net.
>2               IN      PTR     host2.john-oliver.net.
>3               IN      PTR     host3.john-oliver.net.
>4               IN      PTR     host4.john-oliver.net.
>5               IN      PTR     host5.john-oliver.net.
>6               IN      PTR     broadcast.home.john-oliver.net.
>
>One of the reasons why I think the ISP might have things wrong:
>
>[joliver at ns joliver]$ dig @ns.cts.com -x 209.68.231.2
>
>; <<>> DiG 9.2.1rc1 <<>> @ns.cts.com -x 209.68.231.2
>;; global options:  printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 39982
>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
>;; QUESTION SECTION:
>;2.231.68.209.in-addr.arpa.     IN      PTR
>
>;; Query time: 33 msec
>;; SERVER: 192.188.72.18#53(ns.cts.com)
>;; WHEN: Fri Jan  3 14:18:44 2003
>;; MSG SIZE  rcvd: 43
>
>And another:
>
>[joliver at ns joliver]$ nslookup 209.68.231.2
>Note:  nslookup is deprecated and may be removed from future releases.
>Consider using the `dig' or `host' programs instead.  Run nslookup with
>the `-sil[ent]' option to prevent this message from appearing.
>Server:         64.119.217.2
>Address:        64.119.217.2#53
>
>** server can't find 2.231.68.209.in-addr.arpa: SERVFAIL
>
Yes, they screwed it up. They tried to delegate the container zone to an 
IP address instead of to the name of your nameserver:

0/29.231.68.209.in-addr.arpa. 86400 IN  NS      
64.119.217.40.231.68.209.in-addr.arpa.              

Do a zone transfer of the zone from their server to see what I mean.

                                                                        
                                                - Kevin


>  
>




More information about the bind-users mailing list