new here

btb btb at bitrate.net
Wed May 2 17:27:00 UTC 2012


On 2012.05.02 13.01, David wrote:
> Hello All,
>   I am new here but have been watching the list for a while.
> I run a small WISP and we have just moved to a new carrier.
> They have provided us with a CIDR IPv4 block of /22 and a /23.
> I am trying to get my reverse DNS working correctly but they will not point
> their servers to my authoritative servers to tell these blocks where to find
> their reverse. They told me to place forwards in my servers which I have done.

this all seems terribly and unnecessarily convoluted.  the 6 arpa zones 
for this address space should simply be delegated to your nameservers. 
you are saying that your provider will not do this?

> FYI: I am running BIND 9 latest stable on my systems; not sure what the
> carrier is running.
>
> Here is what they show on their logs:
>
> 01-May-2012 09:07:30.868 transfer of '104-22.16.98.in-addr.arpa/IN' from
> 98.16.104.14#53: connected using 207.91.5.70#40513
> 01-May-2012 09:07:30.971 transfer of '104-22.16.98.in-addr.arpa/IN' from
> 98.16.104.14#53: failed while receiving responses: NOTAUTH
> 01-May-2012 09:07:30.971 transfer of '104-22.16.98.in-addr.arpa/IN' from
> 98.16.104.14#53: end of transfer

they appear to be attempting classless arpa delegation, but with net 
blocks larger than /24.  this seems odd to me.

> Here is what my logs show:
>
> 02-May-2012 15:28:29.979 security: client 162.40.117.250#6483: query
> (cache) '104-22.16.98.in-addr.arpa/SOA/IN' denied
> 02-May-2012 15:28:30.133 xfer-out: client 162.40.117.250#43378: bad zone
> transfer request: '104-22.16.98.in-addr.arpa/IN': non-authoritative zone
> (NOTAUTH)
>
> Here is what the named.conf zone looks like
>
> zone "104.16.98.in-addr.arpa" {
>          type master;
>          file "/var/named/98.16.104.rev";
>          allow-transfer {
>                  166.102.165.15;
>                  162.39.164.14;
>                  207.91.5.70;
>                  162.40.117.250;
>          };
> };

they want you to have a zone named "104-22.16.98.in-addr.arpa", yet you 
have instead proclaimed a zone named "104.16.98.in-addr.arpa".  why they 
want this, though, is a mystery to me.

> I placed the forwarders to allow transfer on this zone but I think the
> zone name is no good.

i'm not sure what they're/you're referring to with forwarders here, but 
it's not really relevant given the context so far.

-ben
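
The check discussed in this message, as an added example that is not part of the original post or of BIND: list the /24 arpa zones a block larger than /24 breaks into, and compare the zone names refused with NOTAUTH in the quoted logs against the zone configured in the posted named.conf. It assumes the /22 is 98.16.104.0/22 (inferred from the zone name in the logs); the /23 is not given in the post, so 10.20.30.0/23 is a placeholder.

```python
import ipaddress
import re

# Matches BIND transfer log lines ending in NOTAUTH and captures the zone name.
NOTAUTH_RE = re.compile(r"'([^'/]+)/IN'.*NOTAUTH")

def reverse_zones(cidr):
    """Return the /24 in-addr.arpa zones covering an IPv4 block of /24 or larger."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or net.prefixlen > 24:
        raise ValueError("only IPv4 blocks of /24 or larger map onto whole arpa zones")
    zones = []
    for sub in net.subnets(new_prefix=24):
        a, b, c, _ = str(sub.network_address).split(".")
        zones.append(f"{c}.{b}.{a}.in-addr.arpa")
    return zones

def refused_zones(log_lines):
    """Zone names whose transfer was refused with NOTAUTH."""
    found = set()
    for line in log_lines:
        m = NOTAUTH_RE.search(line)
        if m:
            found.add(m.group(1).lower().rstrip("."))
    return found

def misnamed(configured, log_lines):
    """Zones the peer requested that this server is not configured to serve."""
    have = {z.lower().rstrip(".") for z in configured}
    return refused_zones(log_lines) - have

# Log lines quoted in the post, unwrapped onto single lines.
LOGS = [
    "01-May-2012 09:07:30.971 transfer of '104-22.16.98.in-addr.arpa/IN' from "
    "98.16.104.14#53: failed while receiving responses: NOTAUTH",
    "02-May-2012 15:28:29.979 security: client 162.40.117.250#6483: query "
    "(cache) '104-22.16.98.in-addr.arpa/SOA/IN' denied",
    "02-May-2012 15:28:30.133 xfer-out: client 162.40.117.250#43378: bad zone "
    "transfer request: '104-22.16.98.in-addr.arpa/IN': non-authoritative zone (NOTAUTH)",
]
CONFIGURED = ["104.16.98.in-addr.arpa"]  # zone name from the posted named.conf

if __name__ == "__main__":
    # 10.20.30.0/23 is a placeholder for the /23, which the post does not give.
    for zone in reverse_zones("98.16.104.0/22") + reverse_zones("10.20.30.0/23"):
        print("delegate:", zone)
    print("requested but not configured:", sorted(misnamed(CONFIGURED, LOGS)))
```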



More information about the bind-users mailing list