reverse lookups with dig for internal domains
Garimella, Sai Balasubramanyam
gsaibala at corp.untd.com
Fri Sep 17 06:12:11 UTC 2004
What a fantastic answer , Mark!!.
>>The NS records for 1.1.10.in-addr.arpa have timed out
The authority servers for 10.x.y. domain here are windows servers.
And I think Windows DNS server is unable to fit all the data as an
answer(both ptr and ns records) to the query in a single udp datagram. Is
there an option Mark , in windows dns , so that we can instruct it to
make use of TCP if its answer exceeds a specific size limit.
thanks,
Sai.
-----Original Message-----
From: Mark_Andrews at isc.org [mailto:Mark_Andrews at isc.org]
Sent: Friday, September 17, 2004 5:21 AM
To: gsaibala at corp.untd.com
Cc: comp-protocols-dns-bind at isc.org
Subject: Re: reverse lookups with dig for internal domains
> Hi all
>
> I have been scratching my head for the past two - three days to come
> to terms with an inexplicable (atleast it seems so to to me )
> behaviour of dig. Let me explain it ..
>
> We have an internal domain in the private ip space , which cannot be
> looked up from external world. When I do a dig -x <ip> from our
> internal name server
>
> say dig -x 10.1.1.1
>
> gives the host name right
>
> but the authority section is from the root zone
> -----------
> ;; AUTHORITY SECTION:
> 10.in-addr.arpa. 9h6m59s IN NS BLACKHOLE-1.IANA.ORG.
> 10.in-addr.arpa. 9h6m59s IN NS BLACKHOLE-2.IANA.ORG
>
> ------------
>
> When I follow that up with a qury like
>
> dig ns 1.1.10.in-addr.arpa
>
> I get the name servers right ( that of our internal domain )
>
> and now when I try to reverse lookup any ip in the internal domain
> the authority section of the answer is coming out absolutely right
> ever after .
>
> thoughts/comments ?
> Sai.
>
You made a reverse lookup for a 10.x.x.x address not in
10.1.1.x ~6.5 days ago and the cache has the NS records
for 10.in-addr.arpa as a result.
The NS records for 1.1.10.in-addr.arpa have timed out and
you still have the PTR record for 1.1.1.10.in-addr.arpa.
If this bothers you use a slave / stub zone for
1.1.10.in-addr.arpa.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list