[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 176
  • Last Modified:

Windows 2000 DNS Reverse Lookup Zone

Hello, I'm having a problem with my Win2000 dns server.  I have a reverse zone setup, with 1 ptr record for the dns server.  When I query the server, or the secondary server for the zone I get the answer I expect.  When I query any other dns server on the net, It shows the following.

HEADER:
    opcode = QUERY, id = 7345, rcode = NAME_ERR
    header flags: reply, want recursion, recursion avail.
    questions = 1, answers = 1, auth. records = 1, additional = 0
QUESTIONS:
    197.161.215.xxx.in-addr.arpa., type = PTR, class = 1
ANSWERS:
->  197.161.215.xxx.in-addr.arpa.
    type = CNAME, class = 1, ttl = 15143, dlen = 14
    alias = 197.192-255.161.215.xxx.in-addr.arpa.
AUTHORITY RECORDS:
->  161.215.168.in-addr.arpa.
    type = SOA, class = 1, ttl = 9923, dlen = 53
    nameserver = dns.xxx.cc.
    mailaddress = xxx.xxx.cc.
    serial number= 2001060802, refresh = 28800, retry = 7200,
    expire = 604800, minimum = 86400.

**complete**


Helllllllp.

tia

Andrew
0
acoker
Asked:
acoker
  • 4
  • 3
  • 2
  • +1
1 Solution
 
rcasteelCommented:
It  looks like you might have a PTR for a CNAME and the CNAMEs HOST record does not have a PTR
0
 
acokerAuthor Commented:
Thats what's confusing to me, I have no CNAMEs.

0
 
rcasteelCommented:
can you resolve your host name from remote DNS servers?
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
acokerAuthor Commented:
Yes, the problem is for reverse lookups on the mail server.  mail is being denied because reverse query's are not working correctly..
0
 
AvonWyssCommented:
Reverse DNS is always queried on the network block owner's DNS server. You should ask your ISP to fill out the PTR records on his DNS.

Why is it like this? Well, for forward queries, and DNS server can be specified in the root servers. However, for reverse queries, the server cannot be determined other than by a net block list. Thus, the netblock owner will be queried.
0
 
andyalderSaggar makers bottom knockerCommented:
The ISP has put a CNAME entry in their reverse zone file to tell NSLOOKUP and other queries that the particular address has it's PTR record maintained by your DNS server. NSLOOKUP is not clever enough to understand the CNAME in the reverse lookup zone.

This will explain why you see a CNAME, http://support.microsoft.com/support/kb/articles/Q174/4/19.ASP?

0
 
AvonWyssCommented:
acoker, may I ask you to comment on your decision to award points? Because I believe my comment answered your question correctly, I'd like to know why you decided to award the points to a later comment which roughly says the same thing.
0
 
andyalderSaggar makers bottom knockerCommented:
Where did you explain the CNAME in the reverse lookup zonefile Avon?
0
 
AvonWyssCommented:
I did explain why servers on the internet were not returning the expected results. I believe that was the question in the first place, because the CNAME vs. PTR stuff only is useful if one understands why the own DNS server is not queried directly.
0
 
andyalderSaggar makers bottom knockerCommented:
Avon>>I did explain why servers on the internet were not returning the expected results.

But they **ARE** returning the correct/expected result. You told him to get the ISP to do it for him rather than explaining what is happening.
0
 
AvonWyssCommented:
Whatever.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now