DNS reverse lookup doesn't work from outside

Kevin Darcy kcd at daimlerchrysler.com
Tue Jul 27 23:38:41 UTC 2004


Jim Reid wrote:

>>>>>>"vijay" == vijay  <vijay at buydeal.com> writes:
>>>>>>            
>>>>>>
>
>    vijay> Hi Kevin/list users, I have Dedicated T1 line from SBC, I
>    vijay> configured Bind 9 on Solaris box for our domain by name
>    vijay> buydeal.com, dns-01.buydeal.com is the name-server which is
>    vijay> bind to 68.249.200.20.  You can check this online it's not
>    vijay> doing reverse lookup, but on the same
>    vijay> system(dns-01.buydeal.com) it does reverse lookup.
>
>Talk to your ISP. They have setup the reverse DNS entry for this IP
>address (20.200.249.68.in-addr.arpa) as a CNAME which points at
>20.0.200.249.68.in-addr.arpa. But there's no delegation for
>0.200.249.68.in-addr.arpa. 
>
Actually, Jim, it *is* delegated:

% dig -x 68.249.200.0 ns @ns1.ameritech.net.

; <<>> DiG 9.2.2rc1 <<>> -x 68.249.200.0 ns @ns1.ameritech.net.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30447
;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 3

;; QUESTION SECTION:
;0.200.249.68.in-addr.arpa.     IN      NS

;; ANSWER SECTION:
0.200.249.68.in-addr.arpa. 7200 IN      NS      ns1.ameritech.net.
0.200.249.68.in-addr.arpa. 7200 IN      NS      ns2.ameritech.net.
0.200.249.68.in-addr.arpa. 7200 IN      NS      dns-01.buydeal.com.

;; ADDITIONAL SECTION:
ns1.ameritech.net.      180     IN      A       206.141.251.2
ns2.ameritech.net.      180     IN      A       206.141.193.168
dns-01.buydeal.com.     25665   IN      A       68.249.200.20

;; Query time: 34 msec
;; SERVER: 206.141.251.2#53(ns1.ameritech.net.)
;; WHEN: Tue Jul 27 19:36:58 2004
;; MSG SIZE  rcvd: 172

%

But, since all of the delegated nameservers are either a) unresolvable, 
or b) answering non-authoritatively for the zone, most caching resolvers 
will mark this delegation as lame.

                                                                         
                                          - Kevin




More information about the bind-users mailing list