Classless PTR query issue

Barry Margolin barmar at
Tue May 7 15:34:07 UTC 2013

In article <mailman.240.1367938655.20661.bind-users at>,
 Michael Varre <mvarre at> wrote:

> I'm setting up a new zone, similar to the many I've created successfully on 
> other ISPs to answer with PTR records for a /26 the ISP has sub-delegated to 
> my dns servers and it continues to fail:
> May  7 08:18:31 dns1 named[25328]: client view external: query 
> (cache) '' denied
> My named.conf is setup as
> zone "" {
>         type master;
>         file "/var/named/";
> };
> zone record is:
> $TTL 14400
>  86400   IN      SOA      
>      (
>                                                 2013050702 ;Serial Number
>                                                 86400 ;refresh
>                                                 7200 ;retry
>                                                 1209600 ;expire
>                                                 86400 ;minimum
>         )
>  86400   IN      NS
>  86400   IN      NS
> 90      14400   IN      PTR
> Mind you this is a cpanel server and this is the first time I've tried 
> setting up reverse dns to be setup by a cpanel server, but I'm not sure this 
> is relevant.  It creates two views, internal and external. This is getting 
> serviced out of the external view, which really is just setup to answer any 
> question for which it has an answer.  So i _really_ don't think it's relevant 
> but for the sake of troubleshooting I thought I might disclose that.
> Anyone have any ideas?  Thanks in advance.

If you're getting queries for from outside 
clients, it means that the ISP has not set up the proper classless 
reverse delegation. They're delegating to you instead 

But the client IP appears to be one of your own addresses. They should 
be pointing to your caching server, not the authoritative server.  It 
should then follow the ISP's delegation.  If you're using the same 
server for auth and caching, you need to put the local IPs in the 
allow-query ACL.

Barry Margolin
Arlington, MA

More information about the bind-users mailing list