Reverse dns issue

Wed, 23 Mar 2011 07:37:02 -0700 

Hi,
I'm using a software which uses bind and I'm experiencing a problem with the reverse dns function of bind. I only have private adresses on my network but the nodes also have dns names. There is a server on this network, which is also a name server, that has internet through a gateway. When my nodes are doing a dns query to the server, eveything is ok and they get their corresponding (private) IP address. The problem occurs when a node is sending a reverse dns query to the server. The server should return the name that matches the IP address but instead I have this error in the bind log 

21-Mar-2011 14:53:44.389 security: warning: client 10.100.2.129#61940:
view internal: RFC 1918 response from Internet for 5.2.100.10.in-
addr.arpa


In this case 10.100.2.5 (or 5.2.100.10) is the server itself so it 
should able to get his own name



This "response from Internet" seems weird to me because it should not 
ask an internet name server since it is private address. I checked with 
tcpdump and I didn't see any dns query going out of the server so it's 
not doing recursive lookups




Anyone can help with this? Does bind have a special option for private 
addresses?
I've seen that there is a reverse folder in /etc/namedb with files names 
like this "10.0.252.db", are these files used for the reverse dns 
resolution? I tried to add a file for the subnetwork I use (10.100.2) 
but this didn't change anything



Here is a tcpdump of the communication between the node and the server 
showing the failing query



10:42:35.494523 IP 10.100.2.129.60331 > boss.vlan100.domain: 42377+ PTR? 
5.2.100.10.in-addr.arpa. (41)
10:42:35.494691 IP boss.vlan100.domain > 10.100.2.129.60331: 42377 
NXDomain 0/1/0 (118)
10:42:35.495019 IP 10.100.2.129.54934 > boss.vlan100.domain: 42378+ A? 
UNKNOWN.vlan100. (33)
10:42:35.495090 IP boss.vlan100.domain > 10.100.2.129.54934: 42378 
NXDomain* 0/1/0 (86)
10:42:35.495416 IP 10.100.2.129.64666 > boss.vlan100.domain: 42379+ A? 
UNKNOWN. (25)
10:42:35.495469 IP boss.vlan100.domain > 10.100.2.129.64666: 42379 
NXDomain 0/1/0 (100)



Thanks in advance
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users






















					Reply via email to