Reverse DNS Dig returning PTR results only with trace option
sven at whgl.uni-frankfurt.de
Tue Nov 10 22:04:29 UTC 2009
You could CNAME the needed entries to a new zone, which is then
delegated. AFAIK DNAME should be possible too.
Raj Adhikari schrieb:
> Thanks Chris for the reply.
> Actually, let me put my question the other way.
> How can one delegate the classless subnet to other DNS?
> Actually, one of our ISP could not delegate classless subnet to our
> server ns1.cyzap.net. I am trying to help them in delegating the
> classless subnet to us. So this scenario is simulating our ISP and us. I
> was just testing with one of our other subnets checking if delegation
> will work. Unfortunately, we both are using windows DNS. Windows just
> have RFC 2317 way on configuring the delegation on it KB article using
> CNAME, which I think has lots of problems. But I am following this BIND
> way for delegation. I think, in windows the DNS configuration is more or
> less similar to BIND.
> In this scenario, lets say ns1.cyzap.net is my ISP and
> ns1.monetreesystems.com is us. ns1.cyzap.net owns 18.104.22.168/24 and
> ns1.moneytreesystems.com take a subnet 134.224/28 from them. So isn't
> there a way for ns1.cyzap.net to delegate the subnet to
> ns1.moneytreesystems.com? Do ns1.cyzap.net again have to talk to their
> upper ISP to delegate directly to us? What if upper ISP also need to ask
> their upper tier ISP. It seems I am lacking some basic concept here
> about the owner of the subnet. If a true owner delegates the subnet to
> its client ISP, can't this ISP again delegate the classless subnet agin
> to its client ISP?
> Thank you,
> Rajendra Adhikari
> Chris Hills wrote:
>> On 10/11/09 18:25, Raj Adhikari wrote:
>>> Now I can do a dig for an hour or so. But again I run into same problem.
>>> It wont return PTR record unless I explicitly do dig on ns1.cyzap.net.
>>> Also, the last did showing ns1.cyzap.net as Authority NS for this IP.
>>> But trace showing ns1.moneytreesystems.com as final sender.
>>> Could someone shed a light on this?
>> 254.63.in-addr.arpa. 86400 IN NS NS3.MCLEODUSA.NET.
>> 254.63.in-addr.arpa. 86400 IN NS NS1.MCLEODUSA.NET.
>> 254.63.in-addr.arpa. 86400 IN NS NS2.MCLEODUSA.NET.
>> ;; Received 112 bytes from 22.214.171.124#53(y.arin.net) in 173 ms
>> 126.96.36.199.in-addr.arpa. 7200 IN NS ns1.cyzap.net.
>> 188.8.131.52.in-addr.arpa. 7200 IN NS ns2.cyzap.net.
>> ;; Received 90 bytes from 184.108.40.206#53(NS3.MCLEODUSA.NET) in 159 ms
>> 220.127.116.11.in-addr.arpa. 3600 IN NS ns2.moneytreesystems.com.
>> 18.104.22.168.in-addr.arpa. 3600 IN NS ns1.moneytreesystems.com.
>> ;; BAD (HORIZONTAL) REFERRAL
>> ;; Received 160 bytes from 22.214.171.124#53(ns2.cyzap.net) in 167 ms
>> You should not chain a delegation in this manner. Either make the
>> servers ns1.cyzap.net. and ns2.cyzap.net. authoritative for
>> 126.96.36.199.in-addr.arpa. or have your ISP change the NS records to
>> point directly to ns1.moneytreesystems.com. and
>> ns2.moneytreesystems.com. The cyzap servers do not respond with the
>> authority bit set ("aa" in dig).
>> bind-users mailing list
>> bind-users at lists.isc.org
> bind-users mailing list
> bind-users at lists.isc.org
More information about the bind-users