reverse lookups with dig for internal domains

Mark Andrews Mark_Andrews at isc.org
Thu Sep 16 23:50:39 UTC 2004


> Hi all 
> 
> I have been scratching my head for the past two - three days to come
> to terms with  an inexplicable (atleast it seems so to to me ) 
> behaviour of dig. Let me explain it ..
> 
> We have an  internal domain in the private ip space , which cannot be
> looked up from external world. When I do a dig -x <ip> from our
> internal name server
> 
>  say dig -x 10.1.1.1 
> 
> gives the host name right 
> 
> but the authority section is from the root zone 
> ----------- 
> ;; AUTHORITY SECTION:
> 10.in-addr.arpa.        9h6m59s IN NS   BLACKHOLE-1.IANA.ORG.
> 10.in-addr.arpa.        9h6m59s IN NS   BLACKHOLE-2.IANA.ORG 
>  
> ------------
> 
> When I follow that up with a qury like 
> 
>  dig ns 1.1.10.in-addr.arpa 
> 
> I get the name servers right ( that of our internal domain ) 
> 
> and now when I  try to reverse lookup any ip in the internal domain
> the authority section of the answer is coming out absolutely right 
> ever after .
> 
> thoughts/comments ? 
> Sai.
> 

	You made a reverse lookup for a 10.x.x.x address not in
	10.1.1.x ~6.5 days ago and the cache has the NS records
	for 10.in-addr.arpa as a result.

	The NS records for 1.1.10.in-addr.arpa have timed out and
	you still have the PTR record for 1.1.1.10.in-addr.arpa.

	If this bothers you use a slave / stub zone for
	1.1.10.in-addr.arpa.

	Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org


More information about the bind-users mailing list