<html><body><div style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: #000000"><!--StartFragment--><div>Hello dear Bind Users,<br></div><div><br></div><div>I am writing to you, expecting debugging my situation, that I did not succeeded in resolve by myself (after too much hours on google).<br></div><div><br></div><div>I have set a bind server for my domain "pasteur-cayenne.fr" which is primary authorative zone server for this domain.<br></div><div>Secondary servers for this domain are set to orange (ns6.oleane.net and ns7.oleane.net)<br></div><div><br></div><div>It is working good except for reverse dns lookup :<br>- reverse ip dns lookup is working for my bind server<br>- reverse ip dns lookup is not working with orange dns server<br></div><div><br></div><div>By example :<br></div><div><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"># dig @ara.pasteur-cayenne.fr -x 186.2.246.17</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> @ara.pasteur-cayenne.fr -x 186.2.246.17</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">; (1 server found)</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; global options: +cmd</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; Got answer:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37698</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; WARNING: recursion requested but not available</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; OPT PSEUDOSECTION:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">; EDNS: version: 0, flags:; udp: 4096</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; QUESTION SECTION:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;17.246.2.186.in-addr.arpa. IN PTR</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; ANSWER SECTION:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">17.246.2.186.in-addr.arpa. 604800 IN PTR <strong>smtp.pasteur-cayenne.fr.</strong></span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; AUTHORITY SECTION:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">17.246.2.186.in-addr.arpa. 604800 IN NS ara.pasteur-cayenne.fr.</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; ADDITIONAL SECTION:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">ara.pasteur-cayenne.fr. 3600 IN A 186.2.246.17</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; Query time: 0 msec</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; SERVER: 186.2.246.17#53(186.2.246.17)</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; WHEN: <span class="Object" role="link" id="OBJ_PREFIX_DWT48_com_zimbra_date">jeu</span>. déc. 26 15:38:12 -03 2019</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; MSG SIZE rcvd: 125</span><br><br></div><div><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"># dig @ns6.oleane.net -x 186.2.246.17</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> @ns6.oleane.net -x 186.2.246.17</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">; (2 servers found)</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; global options: +cmd</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; Got answer:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2927</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 1</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; WARNING: recursion requested but not available</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; OPT PSEUDOSECTION:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">; EDNS: version: 0, flags:; udp: 4096</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; QUESTION SECTION:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;17.246.2.186.in-addr.arpa. IN PTR</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; AUTHORITY SECTION:</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS D.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS G.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS H.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS I.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS L.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS C.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS F.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS E.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS A.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS M.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS J.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS K.ROOT-SERVERS.NET.</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">. 518400 IN NS B.ROOT-SERVERS.NET.</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; Query time: 168 msec</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; SERVER: 194.2.0.6#53(194.2.0.6)</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; WHEN: <span class="Object" role="link" id="OBJ_PREFIX_DWT49_com_zimbra_date">jeu</span>. déc. 26 15:38:56 -03 2019</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">;; MSG SIZE rcvd: 265</span><br></div><div><br></div><div>This is weird, all the zone "pasteur-cayenne.fr" is well replicated on orange server, except for reverse dns lookup...<br></div><div><br></div><div>Below the dump of my named.conf :</div><div><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">options {</span></div><div><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"></span><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> listen-on port 53 { any; };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> listen-on-v6 { none; };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> directory "/var/named";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> dump-file "/var/named/data/cache_dump.db";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> statistics-file "/var/named/data/named_stats.txt";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> memstatistics-file "/var/named/data/named_mem_stats.txt";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> allow-query { any; };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> allow-recursion { localnets; };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> allow-query-cache { localnets; };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> allow-transfer {10.9.8.1; 62.161.7.196; 62.161.7.197; 62.161.7.198; 62.161.6.196; 62.161.6.197; 62.161.6.198;};</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> notify yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> version none;</span><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"></span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> recursion yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> dnssec-enable yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> dnssec-validation yes;</span><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"></span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> bindkeys-file "/etc/named.iscdlv.key";</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> managed-keys-directory "/var/named/dynamic";</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> pid-file "/run/named/named.pid";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> session-keyfile "/run/named/session.key";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">};</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">logging {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> channel default_debug {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "data/named.run";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> severity dynamic;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> channel "requetes" {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "data/queries.log" size 10m;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-time yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-category yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> category queries { "requetes"; };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> channel "securite" {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "data/securite.log" versions 3 size 30m;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-category yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-severity yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> severity dynamic;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-time yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> category security { "securite"; };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> channel "global" {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "data/global.log" size 5m;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-category yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-severity yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-time yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> category general { "global"; };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> channel "configuration" {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "data/config.log" size 5m;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-category yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-severity yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> print-time yes;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> category config { "configuration"; };</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">};</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">view "internet" {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> match-clients {"any"; }; // all others hosts</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> // recursion not supported</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> recursion no;</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> zone "pasteur-cayenne.fr" IN {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> type master;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "external/db.pasteur-cayenne.fr";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> forwarders{};</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> };</span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> zone "19.247.2.186.in-addr.arpa" IN {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> type master;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "external/db.pasteur-cayenne.fr.inv0";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> forwarders{};</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> }; </span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> zone "17.246.2.186.in-addr.arpa" IN {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> type master;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "external/db.pasteur-cayenne.fr.inv1";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> forwarders{};</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> }; </span><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"></span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> zone "22.246.2.186.in-addr.arpa" IN {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> type master;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "external/db.pasteur-cayenne.fr.inv3";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> forwarders{};</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> }; </span><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"></span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> zone "26.246.2.186.in-addr.arpa" IN {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> type master;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "external/db.pasteur-cayenne.fr.inv4";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> forwarders{};</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> }; </span><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"></span><br><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> zone "30.246.2.186.in-addr.arpa" IN {</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> type master;</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> file "external/db.pasteur-cayenne.fr.inv5";</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> forwarders{};</span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> }; </span><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"></span><br><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"> };</span><br></div><div><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"><br></span></div><div><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"><span style="font-size: 12pt;" data-mce-style="font-size: 12pt;">here is a dump of my zone file :</span><br>$TTL 604800<br>@ IN SOA ara.pasteur-cayenne.fr. hostmaster.pasteur-cayenne.fr. (<br> 2019122601<br> 7200 <br> 3600<br> 1209600<br> 86400 ) <br>$TTL 86400<br> NS ara.pasteur-cayenne.fr.<br> NS ns6.oleane.net.<br> NS ns7.oleane.net.<br>$TTL 3600<br> MX 0 smtp.pasteur-cayenne.fr.<br>$ORIGIN pasteur-cayenne.fr.<br><br>@ 86400 IN TXT "v=spf1 a mx -all"<br>@ 86400 IN SPF "v=spf1 a mx -all"<br><br>; DKIM<br>1C8CAD5A-194F-11EA-BDA2-7FCBBE1B5136._domainkey IN TXT ( "v=DKIM1; k=rsa; "<br> "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz9uhHIP6BeOL170uRLNtGD8Al/Dk3RHnB2oqaTpQUYojtnzq+J6CjyTGLlsX1aZk7Nbjxj13vf//O3tASV34QH1ozGEEmHptI953Qk9qLq6AUO+OZ1pkQ+8Z/VqXCbe5GLqDg1+lXI6T3zWN2FQNrUCm4HZ952jrrKSJET2dGYKLp49fUI6LZd15VSwTO+3DKAtpa16gbxbIu"<br> "Jxo3Jcd/pxQhWUYVmMA0/ZR4H0ZljD2EVGeSnNKNbCB3mOXFKTI/zW8Liqf+HpNs69qcmUvHlTCSokOlp/KT1AcSpfgnqAG3gwiyc2gFM+lgPX8c8bfd+8O64GX3zM17QGwbvf1wIDAQAB" )<br><br>; DMARC<br>_dmarc IN TXT ( "v=DMARC1; p=none; "<br> "rua=<span class="Object" role="link" id="OBJ_PREFIX_DWT53_ZmEmailObjectHandler">mailto:dmarc@pasteur-cayenne.fr</span>; pct=5; "<br> "sp=none; aspf=r" )<br><br>ara A 186.2.246.17<br>smtp A 186.2.246.17<br>urubu A 212.234.233.66<br>www A 104.196.197.161<br><br>;** Les lignes suivantes dénissent la table entre les noms et les IP<br>cerbere A 186.2.247.19<br>zpush A 186.2.246.20<br>webmail A 186.2.246.21<br>ares-srv A 186.2.246.22<br>reslbm A 186.2.246.23<br>visio A 186.2.246.26<br>codat A 186.2.246.30<br>ns6 A 194.2.0.6<br>ns7 A 194.2.0.7<br><br><br></span></div><div><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;"><span style="font-size: 12pt;" data-mce-style="font-size: 12pt;">And here is a dump of my conf file for reverse dns 186.2.246.17 :</span></span></div><div><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">$TTL 604800<br>@ IN SOA ara.pasteur-cayenne.fr. hostmaster.pasteur-cayenne.fr. (<br> 2019122601 ; Serial <br> 172800 ; Refresh <br> 21600 ; Retry<br> 1209600 ; Expire<br> 86400 ) ; Negative Cache TTL<br>@ IN NS ara.pasteur-cayenne.fr.<br>17.246.2.186.in-addr.arpa. IN PTR smtp.pasteur-cayenne.fr.<br><br></span></div><div><span style="font-size: 12pt;" data-mce-style="font-size: 12pt;">My bind server (ara.pasteur-cayenne.fr) is anwering on the same public IP (186.2.246.17, port 53) than my mail server (smtp.pasteur-cayenne.fr, port 25)<br></span></div><div><span style="font-size: 12pt;" data-mce-style="font-size: 12pt;">Only reverse DNS for smtp.pasteur-cayenne.fr is configured on this public ip; Should my DNS server (ara.pasteur-cayenne.fr) have also a reverse DNS ?<br></span></div><div><span style="font-size: 12pt;" data-mce-style="font-size: 12pt;"><br></span></div><div><span style="font-size: 12pt;" data-mce-style="font-size: 12pt;">I would like only reverse dns to work with smtp.pasteur-cayenne.fr because this is needed for mail (rdns check from others MTA).<br data-mce-bogus="1"></span></div><div><span style="font-size: 12pt;" data-mce-style="font-size: 12pt;"><br></span></div><div><span style="font-size: 12pt;" data-mce-style="font-size: 12pt;">Best Regards,<br></span></div><div><span style="font-size: 12pt;" data-mce-style="font-size: 12pt;">EdG</span></div><!--EndFragment--><div><br data-mce-bogus="1"></div></div></body></html>