Reverse delegation - refused on my DNS

Michael Monnerie michael.monnerie at is.it-management.at
Thu Aug 20 21:37:35 UTC 2009


I'm still searching for the error.
Also, sorry for the strangeness of the mail format, I used a webmail for the last mails. This time it's Outlook, don't know if it's really any better... at least not for correctly indenting old mail texts :-(

> 	Because you don't serve 164.69.212.in-addr.arpa and you
> 	tried to access the cache. You should slave
> 	164.69.212.in-addr.arpa so you have the CNAMEs locally.
> 	This will also make the above dig directed at your server
> 	work as the answer will come from the zone rather than
> 	the cache.

I did that now, helps :-))
 
> 	Note: the lookups are working remotely because interative
> 	resolvers ask for 57.48-28.164.69.212.in-addr.arpa rather
> 	that 57.164.69.212.in-addr.arpa as generated by the above
> 	dig.

Ah, I get the point. I always tested from a remote side with
dig @dns1.zmi.at -x 212.69.164.57
but that didn't work as this is not an open resolver. Slaving the zone as you suggested enables even these lookups to work now. I think it's good, as it helps remote sites to debug DNS when hunting an error.

A plain
dig -x 212.69.164.57
also works, so, do I have an issue or is everything OK with my configuration?

Thanks for all your help, to all three of you!
mfg zmi




More information about the bind-users mailing list