Kirk wrote:
$ dig +trace @127.0.0.1 -x 203.22.30.47
; <<>> DiG 9.4.3 <<>> +trace @127.0.0.1 -x 203.22.30.47
; (1 server found)
;; global options: printcmd
. 517909 IN NS G.ROOT-SERVERS.NET.
. 517909 IN NS A.ROOT-SERVERS.NET.
. 517909 IN NS B.ROOT-SERVERS.NET.
. 517909 IN NS K.ROOT-SERVERS.NET.
. 517909 IN NS J.ROOT-SERVERS.NET.
. 517909 IN NS M.ROOT-SERVERS.NET.
. 517909 IN NS H.ROOT-SERVERS.NET.
. 517909 IN NS L.ROOT-SERVERS.NET.
. 517909 IN NS C.ROOT-SERVERS.NET.
. 517909 IN NS I.ROOT-SERVERS.NET.
. 517909 IN NS E.ROOT-SERVERS.NET.
. 517909 IN NS F.ROOT-SERVERS.NET.
. 517909 IN NS D.ROOT-SERVERS.NET.
;; Received 492 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
203.in-addr.arpa. 86400 IN NS TINNIE.ARIN.NET.
203.in-addr.arpa. 86400 IN NS NS-SEC.RIPE.NET.
203.in-addr.arpa. 86400 IN NS NS4.APNIC.NET.
203.in-addr.arpa. 86400 IN NS DNS1.TELSTRA.NET.
203.in-addr.arpa. 86400 IN NS NS1.APNIC.NET.
203.in-addr.arpa. 86400 IN NS NS3.APNIC.NET.
;; Received 185 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 273 ms
30.22.203.in-addr.arpa. 86400 IN NS ns.bigtrolley.com.au.
30.22.203.in-addr.arpa. 86400 IN NS ns.opensystems.com.au.
;; Received 106 bytes from 193.0.0.196#53(NS-SEC.RIPE.NET) in 26 ms
47.30.22.203.in-addr.arpa. 38400 IN PTR mail.opensystems.com.au.
30.22.203.in-addr.arpa. 38400 IN NS ns02.opensystems.com.au.
30.22.203.in-addr.arpa. 38400 IN NS ns01.opensystems.com.au.
;; Received 150 bytes from 203.22.30.26#53(ns.bigtrolley.com.au) in
326 ms
Not sure I'm correct here, but wondering if this has something to do
with:
ns.opensystems.com.au. is aliased to ns01.opensystems.com.au.
ns.bigtrolley.com.au. is aliased to ns02.opensystems.com.au.
running bind version 9.4.3
named.conf
<<<
options {
directory "/var/named";
query-source address 192.168.0.15 port 53;
Off topic, I thought setting a query-source port is a bad thing with
regards to DNS cache poisoning attacks.
allow-recursion { any; };
allow-query { any; };
allow-query-cache { any; };
};
logging {
category lame-servers { null; };
};
# main root caches
zone "." {
type hint;
file "root.cache";
};
>>>
Thanks for the heads up on the query-source port kirk will remove it.
Found out that the name servers that our hosting provider has (the ones
that work) use a simpleDNS cluster so guessing maybe they work by not
being as strict on name reversing as bind is.
Jason
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users