new here

Ben Croswell ben.croswell at gmail.com
Wed May 2 17:40:30 UTC 2012 

Allow-transfer is not the same as forwarding.

Are they wanting to secondary from you?

If so you need to ensure they can do queries against your master for the
zones so they can request soa to check the serial number.

Also it appears they are trying to xfer the cidr block with a different
name than you are loading it as.
You load 104.16.98.in-addr.arpa. they are transferring
104-22.16.98.in-addr.arpa.
-Ben Croswell
On May 2, 2012 1:18 PM, "David" <dmilholen at wletc.com> wrote:

> **
> Hello All,
>  I am new here but have been watching the list for a while.
> I run a small WISP and we have just moved to a new carrier.
> They have provided us with a cdir ipv4 block of /22 and a /23.
> I am trying to get my reverse DNS working correctly but they will not point
> their servers to my authoritative servers to tell these blocks where to
> find
> their reverse. They told me to place forwards in my servers which I have
> done.
>
> FYI: I am running Bind 9 latest stable on my systems not sure what the
> carrier is running.
>
> Here is what they show on their logs:
>
> 01-May-2012 09:07:30.868 transfer of '104-22.16.98.in-addr.arpa/IN' from
> 98.16.104.14#53: connected using 207.91.5.70#40513
> 01-May-2012 09:07:30.971 transfer of '104-22.16.98.in-addr.arpa/IN' from
> 98.16.104.14#53: failed while receiving responses: NOTAUTH
> 01-May-2012 09:07:30.971 transfer of '104-22.16.98.in-addr.arpa/IN' from
> 98.16.104.14#53: end of transfer
>
> Here is what My logs show:
>
>  02-May-2012 15:28:29.979 security: client 162.40.117.250#6483: query
> (cache) '104-22.16.98.in-addr.arpa/SOA/IN' denied
> 02-May-2012 15:28:30.133 xfer-out: client 162.40.117.250#43378: bad zone
> transfer request: '104-22.16.98.in-addr.arpa/IN': non-authoritative zone
> (NOTAUTH)
>
> Here is what the named.conf zone looks like
>
> zone "104.16.98.in-addr.arpa" {
>         type master;
>         file "/var/named/98.16.104.rev";
>         allow-transfer {
>                 166.102.165.15;
>                 162.39.164.14;
>                 207.91.5.70;
>                 162.40.117.250;
>                 };
> I placed the forwarders to allow transfer on this zone but I think the
> zone name is no good.
>
> Thanks
> Dave
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120502/d705bf8f/attachment.html>

More information about the bind-users mailing list