Re: Issue with reverse dns and local caching name server

Wed, 10 Jun 2009 08:05:28 -0700 

Kirk wrote:

$ dig +trace @127.0.0.1 -x 203.22.30.47

; <<>> DiG 9.4.3 <<>> +trace @127.0.0.1 -x 203.22.30.47
; (1 server found)
;; global options:  printcmd
.                       517909  IN      NS      G.ROOT-SERVERS.NET.
.                       517909  IN      NS      A.ROOT-SERVERS.NET.
.                       517909  IN      NS      B.ROOT-SERVERS.NET.
.                       517909  IN      NS      K.ROOT-SERVERS.NET.
.                       517909  IN      NS      J.ROOT-SERVERS.NET.
.                       517909  IN      NS      M.ROOT-SERVERS.NET.
.                       517909  IN      NS      H.ROOT-SERVERS.NET.
.                       517909  IN      NS      L.ROOT-SERVERS.NET.
.                       517909  IN      NS      C.ROOT-SERVERS.NET.
.                       517909  IN      NS      I.ROOT-SERVERS.NET.
.                       517909  IN      NS      E.ROOT-SERVERS.NET.
.                       517909  IN      NS      F.ROOT-SERVERS.NET.
.                       517909  IN      NS      D.ROOT-SERVERS.NET.
;; Received 492 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms

203.in-addr.arpa.       86400   IN      NS      TINNIE.ARIN.NET.
203.in-addr.arpa.       86400   IN      NS      NS-SEC.RIPE.NET.
203.in-addr.arpa.       86400   IN      NS      NS4.APNIC.NET.
203.in-addr.arpa.       86400   IN      NS      DNS1.TELSTRA.NET.
203.in-addr.arpa.       86400   IN      NS      NS1.APNIC.NET.
203.in-addr.arpa.       86400   IN      NS      NS3.APNIC.NET.
;; Received 185 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 273 ms

30.22.203.in-addr.arpa. 86400   IN      NS      ns.bigtrolley.com.au.
30.22.203.in-addr.arpa. 86400   IN      NS      ns.opensystems.com.au.
;; Received 106 bytes from 193.0.0.196#53(NS-SEC.RIPE.NET) in 26 ms

47.30.22.203.in-addr.arpa. 38400 IN     PTR     mail.opensystems.com.au.
30.22.203.in-addr.arpa. 38400   IN      NS      ns02.opensystems.com.au.
30.22.203.in-addr.arpa. 38400   IN      NS      ns01.opensystems.com.au.
;; Received 150 bytes from 203.22.30.26#53(ns.bigtrolley.com.au) in 326 ms
Not sure I'm correct here, but wondering if this has something to do with: 
ns.opensystems.com.au. is aliased to ns01.opensystems.com.au.
ns.bigtrolley.com.au. is aliased to ns02.opensystems.com.au.



running bind version 9.4.3

named.conf
<<<
options {
 directory "/var/named";
 query-source address 192.168.0.15 port 53;
Off topic, I thought setting a query-source port is a bad thing with regards to DNS cache poisoning attacks. 


 allow-recursion { any; };
 allow-query { any; };
 allow-query-cache { any; };
};

logging {
       category lame-servers { null; };
};

# main root caches
zone "." {
   type hint;
   file "root.cache";
};
 >>>




Thanks for the heads up on the query-source port kirk will remove it.
Found out that the name servers that our hosting provider has (the ones that work) use a simpleDNS cluster so guessing maybe they work by not being as strict on name reversing as bind is. 

Jason
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to