I think the ISP may have done something untoward with 
87.233.202.162.in-addr.arpa, since I'm getting a NODATA response for that name, 
from the 233.202.162.in-addr.arpa zone, most probably because it's an empty 
non-terminal. But what would be under that, and why?

                                                                                
                        - Kevin


-----Original Message-----
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Mark 
Andrews
Sent: Friday, January 20, 2017 3:55 PM
To: bind-us...@isc.org
Subject: Re: rDNS


You have the netblock 162.202.233.80-162.202.233.87 (162.202.233.80/29).

When software performs a reverse lookup it constructs a DNS name from the 
address like 80.233.202.162.in-addr.arpa.  Now as the netblock is not a full 
/24 you either have to create 8 zones, one for each PTR record, or provide 
records at those names which map the lookups to new names.  The latter is what 
has been done here.
The technique is described in RFC 2317.

ATT has delegated a zone for the first address in the address block to you.  
That zone is called 80.233.202.162.in-addr.arpa.  It has then added CNAME 
records to map lookups for the rest of the addresses in your address block into 
this zone.

e.g.

81.233.202.162.in-addr.arpa. CNAME 81.80.233.202.162.in-addr.arpa.
...
86.233.202.162.in-addr.arpa. CNAME 86.80.233.202.162.in-addr.arpa.

The 80.233.202.162.in-addr.arpa zone should look like this.

$TTL 1h
@       SOA     ns1.archaxis.net. me.archaxis.net. (
                2017012002 ; Serial
                1h ; Refresh
                1h ; Retry
                4w ; Expire
                1h ) ; Negative caching TTL
        NS ns1.archaxis.net.
        NS ns2.archaxis.net.
        PTR network.archaxis.net.
81      PTR alpha.archaxis.net.
82      PTR bravo.archaxis.net.
87      PTR broadcast.archaxis.net.

I increased the expire field to 4 weeks as it was way too small.
Note the reverse for 162.202.233.80 is NOT mapped to a new name so the PTR 
record for that address is at the zone's apex.  As all the records had a TTL of 
1 hour I set the default TTL to that value and removed the per record setting 
of the TTL.  I also removed the class field as that is inherited from the 
zone's declaration.

Don't forget to bump the zone's serial when you install it.

Once you have the above sorted out and have tested it, you now need to slave 
the zone 233.202.162.in-addr.arpa as that contains the CNAME records.  ATT 
should allow you to transfer it.  If they don't, find an ISP that knows what 
they are doing.  You need a local copy of the zone so that when your link goes 
down you can still do reverse lookups.

zone "233.202.162.in-addr.arpa" {
        type slave;
        masters { 151.164.1.1; };
        file "233.202.162.in-addr.arpa";
};

Mark

In message <20170120162146.ga14...@fantomas.sk>, Matus UHLAR - fantomas writes:
> On 20.01.17 09:57, Ron Wingfield wrote:
> >   I am having difficulty configuring reverse DNS. This has been a problem
> >   for over a year between my server(s) and my ISP, AT&T. Specifically, I
> >   cannot eMail to any recipient that requires rDNS verification, e.g.,
> >   SBCglobal.net, Comcast.net, or AOL. Very frustrating.
>
> >   . . .why shouldn't this point to my server, 162.202.233.81 and not
> >   AT&T's?
>
> because reverse domains are also tracked from the DNS root:
>
> 233.202.162.in-addr.arpa.     7200    IN      SOA     ns1.swbell.net. postmaster.swbell.net. 2016061700 10800 900 604800 3600
>
> 81.233.202.162.in-addr.arpa.  7200    IN      CNAME   81.80.233.202.162.in-addr.arpa.
>
> >   I have coded my BIND 9 in-addr.arpa zone file as follows:
> >
> >   $ORIGIN 233.202.162.in-addr.arpa.
>
> Stop defining $ORIGIN in the zone file. The $ORIGIN is taken from the named
> "zone" statement.
>
> According to those above you have to configure zone
> 80.233.202.162.in-addr.arpa.
> and ask swbell.net to fetch it from you.
>
> >   $TTL 3h
> >   @ IN SOA ns1.archaxis.net. me.archaxis.net. (
> >    2017012002 ; Serial
> >    1h ; Refresh
> >    1h ; Retry
> >    1h ; Expire
> >    1h ) ; Negative caching TTL
> >
> >    3600 IN NS ns1.archaxis.net.
> >    3600 IN NS ns2.archaxis.net.
> >
> >   80 3600 IN PTR network.archaxis.net.
> >   81 3600 IN PTR alpha.archaxis.net.
> >   82 3600 IN PTR bravo.archaxis.net.
> >   87 3600 IN PTR broadcast.archaxis.net.
> >
> >   What is wrong? Is this my problem, or with AT&T?
>
>
>
> --
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Spam is for losers who can't get business any other way.
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to 
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org
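
Added example (not part of the original messages, and not the posters' or ISC's code): a Python check of the RFC 2317 arrangement described above, run over constructed data modelled on the thread rather than live DNS answers. It assumes the parent zone carries CNAMEs only for .81 through .86, as in the example records; the dictionaries and function names are illustrative.

```python
import ipaddress

PARENT = "233.202.162.in-addr.arpa."
CHILD = "80.233.202.162.in-addr.arpa."   # zone delegated to the customer

# Constructed sample data modelled on the thread (not live DNS answers).
# Assumption: the ISP's parent zone holds CNAMEs for .81-.86 only.
PARENT_CNAMES = {f"{h}.{PARENT}": f"{h}.{CHILD}" for h in range(81, 87)}
CHILD_PTRS = {
    CHILD: "network.archaxis.net.",              # PTR at the zone apex (.80)
    f"81.{CHILD}": "alpha.archaxis.net.",
    f"82.{CHILD}": "bravo.archaxis.net.",
    f"87.{CHILD}": "broadcast.archaxis.net.",
}

def reverse_name(addr):
    """Name a resolver builds for a reverse lookup of addr."""
    return ipaddress.ip_address(addr).reverse_pointer + "."

def resolve_ptr(addr):
    """Return (status, target), following the parent's CNAME into the child zone."""
    name = reverse_name(addr)
    if name in CHILD_PTRS:                       # only the delegated apex matches
        return "ok", CHILD_PTRS[name]
    alias = PARENT_CNAMES.get(name)
    if alias is None:                            # parent never maps this address
        return "no-cname-in-parent", None
    ptr = CHILD_PTRS.get(alias)
    return ("ok", ptr) if ptr else ("no-ptr-in-child", None)

def audit(block):
    """Check every address in the block, network and broadcast included."""
    return {str(ip): resolve_ptr(str(ip)) for ip in ipaddress.ip_network(block)}

def unreachable_child_records():
    """Child-zone PTRs that no reverse lookup can reach through the parent."""
    targets = set(PARENT_CNAMES.values())
    return sorted(n for n in CHILD_PTRS if n != CHILD and n not in targets)

if __name__ == "__main__":
    for ip, (status, target) in audit("162.202.233.80/29").items():
        print(f"{ip:16} {status:20} {target or '-'}")
    print("unreachable:", unreachable_child_records())
```

With this data the PTR for .87 exists in the child zone but no lookup reaches it, and .83 through .86 are aliased into the child zone without a PTR there.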