SBC reverse setup - revisited

Mark Andrews Mark_Andrews at isc.org
Thu Sep 22 01:23:45 UTC 2005


> Content-Type: text/plain; charset="US-ASCII"
> Despite contrary views - I DO have reverse authority over my SBC assigned 
> IP addresses:
> 
> I am using a SuSE distributed linux, 9.2 Professional  with bind 9.2.4-3
> 
> I have  x.x.x.120/29 authority, but SBC is telling me that I need to have 
> an in-addr-arpa for .120 ??
> 
> .121  is the slipstream dsl modem
> .122  is my first (usable) IP  that is my firewall   - I do NOT want DNS 
> there
> .123  is my  Name Server
> 
> /etc/named.conf
> 
> zone "29/120.x.x.x.in-addr-arpa" in {
>         type master;
>         file "db.x.x.x.120-29"
> };
> 
> zone "123.x.x.x.in-addr-arpa" in {
>         type master;
>         file "db.x.x.x.123"
> };
> 
> in /var/lib.named
> 
> db.x.x.x.123
> ===usual===
> 123.x.x.x.in-addr-arpa.  IN NS  blah-blah.
> 123.x.x.x.in-addr-arpa.  IN PTR  more.blah-blah.
> 
> db.x.x.x.120-29
> ===usual===
> 29/120.x.x.x.in-addr-arpa.  IN NS  blah-blah.
> 29/120.x.x.x.in-addr-arpa.  IN PTR  more.blah-blah.
> 
> (Note - same "blah-blah" for both)
> 
> I could abandon the "120-29  29/120" construct and replace with  just 120
> but isn't this then assuming that .120  is my primary ?
> 
> Am I missing something obvious ?
> 
> Mail is/was working without being flagged "may be forged" which I used to 
> get before I changed to this configuration, which dnsreport.com  reports 
> as a non-responsive server (and the backups have no authority).
> 
> If I need to post full IP/domain, let me know...I'm just being paranoid.

	Post the full IP addresses.  There are lots of way it can
	be done.  The correct answer depends upon has SBC has set
	things up.  See RFC 2317.

	Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org



More information about the bind-users mailing list