DNS reverse lookup doesn't work from outside
Kevin Darcy
kcd at daimlerchrysler.com
Tue Jul 27 23:38:41 UTC 2004
Jim Reid wrote:
>>>>>>"vijay" == vijay <vijay at buydeal.com> writes:
>>>>>>
>>>>>>
>
> vijay> Hi Kevin/list users, I have Dedicated T1 line from SBC, I
> vijay> configured Bind 9 on Solaris box for our domain by name
> vijay> buydeal.com, dns-01.buydeal.com is the name-server which is
> vijay> bind to 68.249.200.20. You can check this online it's not
> vijay> doing reverse lookup, but on the same
> vijay> system(dns-01.buydeal.com) it does reverse lookup.
>
>Talk to your ISP. They have setup the reverse DNS entry for this IP
>address (20.200.249.68.in-addr.arpa) as a CNAME which points at
>20.0.200.249.68.in-addr.arpa. But there's no delegation for
>0.200.249.68.in-addr.arpa.
>
Actually, Jim, it *is* delegated:
% dig -x 68.249.200.0 ns @ns1.ameritech.net.
; <<>> DiG 9.2.2rc1 <<>> -x 68.249.200.0 ns @ns1.ameritech.net.
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30447
;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 3
;; QUESTION SECTION:
;0.200.249.68.in-addr.arpa. IN NS
;; ANSWER SECTION:
0.200.249.68.in-addr.arpa. 7200 IN NS ns1.ameritech.net.
0.200.249.68.in-addr.arpa. 7200 IN NS ns2.ameritech.net.
0.200.249.68.in-addr.arpa. 7200 IN NS dns-01.buydeal.com.
;; ADDITIONAL SECTION:
ns1.ameritech.net. 180 IN A 206.141.251.2
ns2.ameritech.net. 180 IN A 206.141.193.168
dns-01.buydeal.com. 25665 IN A 68.249.200.20
;; Query time: 34 msec
;; SERVER: 206.141.251.2#53(ns1.ameritech.net.)
;; WHEN: Tue Jul 27 19:36:58 2004
;; MSG SIZE rcvd: 172
%
But, since all of the delegated nameservers are either a) unresolvable,
or b) answering non-authoritatively for the zone, most caching resolvers
will mark this delegation as lame.
- Kevin
More information about the bind-users
mailing list