new here
btb
btb at bitrate.net
Wed May 2 17:27:00 UTC 2012
On 2012.05.02 13.01, David wrote:
> Hello All,
> I am new here but have been watching the list for a while.
> I run a small WISP and we have just moved to a new carrier.
> They have provided us with a cdir ipv4 block of /22 and a /23.
> I am trying to get my reverse DNS working correctly but they will not point
> their servers to my authoritative servers to tell these blocks where to
> find
> their reverse. They told me to place forwards in my servers which I have
> done.
this all seems terribly and unnecessarily convoluted. the 6 arpa zones
for this address space should simply be delegated to your nameservers.
you are saying that your provider will not do this?
> FYI: I am running Bind 9 latest stable on my systems not sure what the
> carrier is running.
>
> Here is what they show on their logs:
>
> 01-May-2012 09:07:30.868 transfer of '104-22.16.98.in-addr.arpa/IN' from
> 98.16.104.14#53: connected using 207.91.5.70#40513
> 01-May-2012 09:07:30.971 transfer of '104-22.16.98.in-addr.arpa/IN' from
> 98.16.104.14#53: failed while receiving responses: NOTAUTH
> 01-May-2012 09:07:30.971 transfer of '104-22.16.98.in-addr.arpa/IN' from
> 98.16.104.14#53: end of transfer
they appear to be attempting classless arpa delegation, but with net
blocks larger than /24. this seems odd to me.
> Here is what My logs show:
>
> 02-May-2012 15:28:29.979 security: client 162.40.117.250#6483: query
> (cache) '104-22.16.98.in-addr.arpa/SOA/IN' denied
> 02-May-2012 15:28:30.133 xfer-out: client 162.40.117.250#43378: bad zone
> transfer request: '104-22.16.98.in-addr.arpa/IN': non-authoritative zone
> (NOTAUTH)
>
> Here is what the named.conf zone looks like
>
> zone "104.16.98.in-addr.arpa" {
> type master;
> file "/var/named/98.16.104.rev";
> allow-transfer {
> 166.102.165.15;
> 162.39.164.14;
> 207.91.5.70;
> 162.40.117.250;
> };
they want you to have a zone named "104-22.16.98.in-addr.arpa", yet you
have instead proclaimed a zone named "104.16.98.in-addr.arpa". why they
want this, though, is a mystery to me.
> I placed the forwarders to allow transfer on this zone but I think the
> zone name is no good.
i'm not sure what they're/you're referring to with forwarders here, but
it's not really relevant given the context so far.
-ben
More information about the bind-users
mailing list