forward name resolution OK, but reverse doesn't work ...
Mark Andrews
marka at isc.org
Sat Jun 18 00:54:55 UTC 2011
The root servers no longer serve arpa or in-addr.arpa.
See the following for where to transfer these zones from
now. http://seclists.org/nanog/2011/Feb/1453
Mark
In message <4DFB848A.1080504 at vr-web.de>, Thomas Schweikle writes:
> This is a MIME-formatted message. If you see this text it means that your
> E-mail software does not support MIME-formatted messages.
>
> --===============3481814819935306570==
> Content-Type: multipart/signed; micalg=pgp-sha1;
> protocol="application/pgp-signature";
> boundary="=_vrwf203-17994-1308329101-0001-2"
>
> This is a MIME-formatted message. If you see this text it means that your
> E-mail software does not support MIME-formatted messages.
>
> --=_vrwf203-17994-1308329101-0001-2
> Content-Type: text/plain; charset=ISO-8859-15
> Content-Transfer-Encoding: quoted-printable
>
> Hi!
>
> I am having some problem with my nameserver:
>
> It resolves forward:
> !user at ks1:~$ host google.com
> !google.com has address 74.125.79.147
> !google.com has address 74.125.79.99
> !google.com has address 74.125.79.104
> !google.com mail is handled by 50 alt4.aspmx.l.google.com.
> !google.com mail is handled by 10 aspmx.l.google.com.
> !google.com mail is handled by 20 alt1.aspmx.l.google.com.
> !google.com mail is handled by 30 alt2.aspmx.l.google.com.
> !google.com mail is handled by 40 alt3.aspmx.l.google.com.
>
> But not reverse:
> !user at ks1:~$ host 74.125.79.99
> !Host 99.79.125.74.in-addr.arpa not found: 2(SERVFAIL)
>
> Main configuration (partly shorted):
> !options {
> ! directory "/var/tmp/named";
> ! pid-file "/var/run/named/named.pid";
> ! dump-file "/var/run/named/named_dump.db";
> ! statistics-file "/var/run/named/named.stats";
> ! listen-on { any; };
> ! #listen-on-v6 { any; };
> ! recursion yes;
> ! auth-nxdomain no;
> !};
> !
> !// slave to root name servers
> !zone "." {
> ! type slave;
> ! file "/var/cache/named/root/root.slave";
> ! masters { 192.5.5.241; };
> ! notify no;
> !};
> !
> !zone "arpa" {
> ! type slave;
> ! file "/var/cache/named/root/arpa.slave";
> ! masters { 192.5.5.241; };
> ! notify no;
> !};
> !
> !zone "in-addr.arpa" {
> ! type slave;
> ! file "/var/cache/named/root/in-addr.arpa.slave";
> ! masters { 192.5.5.241; };
> ! notify no;
> !};
> !
> !// RFC 1912 (and BCP 32 for localhost)
> !zone "localhost" {
> ! type master;
> ! file "/etc/named/master/localhost-forward.db";
> !};
> !
> !zone "127.in-addr.arpa" {
> ! type master;
> ! file "/etc/named/master/localhost-reverse.db";
> !};
>
> localhost-forward.db:
> !$TTL 3h
> !localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
> ! ; Serial, Refresh, Retry, Expire, Neg. cache TTL
> !
> ! NS localhost.
> !
> ! A 127.0.0.1
> ! AAAA ::1
>
> localhost-reverse.db:
> !$TTL 3h
> !@ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
> ! ; Serial, Refresh, Retry, Expire, Neg. cache TTL
> !
> ! NS localhost.
> !
> !1.0.0 PTR localhost.
> !
> !1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0\
> ! PTR localhost.
>
> The server has AFAIS all root servers available:
> !$ORIGIN .
> !$TTL 86400 ; 1 day
> !@ IN SOA a.root-servers.net.\
> ! nstld.verisign-!grs.com. (
> ! 2011061700 ; serial
> ! 1800 ; refresh (30 minutes)
> ! 900 ; retry (15 minutes)
> ! 604800 ; expire (1 week)
> ! 86400 ; minimum (1 day)
> ! )
> ! RRSIG SOA 8 0 86400 20110624000000 (
> ! 20110616230000 34525 .
> ! kKIgiv5epNOi/mWtHYtH/Zwj6O6pV+wB09rnMiaTrYRk
> ! HKqH7CCBdnIei6Kc1ghTRgdPwzrpgxzB3VHH/IfjEGbM
> ! 3sNGzMOYFtykMD1xjE93hBUU08yd1ojchWW2AXayGEJZ
> ! 5UOkaiA7cN3txThTtd1/r+k1zR5pvL+S6Pt7TTE=3D )
> !$TTL 518400 ; 6 days
> ! NS a.root-servers.net.
> ! NS b.root-servers.net.
> ! NS c.root-servers.net.
> ! NS d.root-servers.net.
> ! NS e.root-servers.net.
> ! NS f.root-servers.net.
> ! NS g.root-servers.net.
> ! NS h.root-servers.net.
> ! NS i.root-servers.net.
> ! NS j.root-servers.net.
> ! NS k.root-servers.net.
> ! NS l.root-servers.net.
> ! NS m.root-servers.net.
> ! RRSIG NS 8 0 518400 20110624000000 (
> ! 20110616230000 34525 .
> ! KgMPA/Ucp/cFQHQ36kFe8lhVV6ckJx8Zk8Mm2aiKIxOB
> ! v9fsM3qYyGOOqnNUGPr7V0X604r5xaePysUNy0iET+Ga
> ! 9WPmPeEX9438srt54qEDCBeCqn5Zbjo1lOVTrykAvtBI
> ! Y8ONwpp0DcDw9D7mTyBzp+ARLVG56jaZ5AucyGQ=3D )
> [... havily shortened -- the file has about 211k length ...]
>
> Any idea, what is wrong here and where to change configuration to
> make reverse dns-lookups happen?
>
> --=20
> Thomas
>
>
> --=_vrwf203-17994-1308329101-0001-2
> Content-Type: application/pgp-signature; name="signature.asc"
> Content-Transfer-Encoding: 7bit
> Content-Description: OpenPGP digital signature
> Content-Disposition: attachment; filename="signature.asc"
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: GnuPT 2.9.2
>
> iEYEARECAAYFAk37hIsACgkQJuPdOes4UCS0vACfTuGVf934ziG2C0gBNj8cutCI
> EfYAn17Z2OIFYf0yca6qahf1XWmuhjim
> =rQLz
> -----END PGP SIGNATURE-----
>
> --=_vrwf203-17994-1308329101-0001-2--
>
> --===============3481814819935306570==
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> --===============3481814819935306570==--
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list