teleformix

DNS RFC 2317 Question

I am trying to wrap my head around setting up our external reverse DNS and I just don't get it.  According to our ISP our network block has been delegated to our name servers.  I've tried multiple things and I just can't seem to make it work.

Let's say the address range we were provided is 10.11.12.0/27.  How do I set up BIND 9.3x to handle the reverse DNS?  Here are snippets of my configuration (modified of course).

All of my zones and configs load without error.  But when I try and reverse the IP address 10.11.12.20 I get nothing.

I don't understand the hand off per RFC 2317 and how to set up our DNS.

Any help would be greatly appreciated.

Thanks!

/var/named/chroot/etc/named.conf
 
zone "0/27.12.11.10.in-addr.arpa" {
        type master;
        file "/var/named/10.11.12.rev";
        };
 
-------------------------------------------------
 
/var/named/chroot/var/named/10.11.12.rev
 
$TTL    86400
0/27.12.11.10.in-addr.arpa.   IN      SOA     ns1.example.com. infrastructure.example.com. (
                        1236957449
                        10800
                        3600
                        604800
                        38400 )
        IN      NS      ns1.example.com.
        IN      NS      ns2.example.com.
20      PTR     email.example.com.


omarfarid

Please see:

http://www.apnic.net/db/revdel.html

I am not sure if the line below is correct:

zone "0/27.12.11.10.in-addr.arpa"
teleformix

ASKER

I don't own the entire /24 block.  How else should I break it out?
ASKER CERTIFIED SOLUTION
omarfarid
Thanks, pretty much the same thing I've been trying, if you look at my examples.  I can't even get the DNS server that this is running on to reverse this IP.
What exactly is not working? Can you show the command and response?
The reverse look up.  Our reverse DNS is fine for anything but this external delegated zone.

[root@DNS named]# nslookup email
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   email.example.com
Address: 10.11.12.20

[root@DNS named]# nslookup 10.11.12.20
Server:         127.0.0.1
Address:        127.0.0.1#53

** server can't find 20.12.11.10.in-addr.arpa: SERVFAIL
[root@itil-tfxdns01 named]# dig 12.236.197.20

; <<>> DiG 9.3.4-P1 <<>> 12.236.197.20
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3451
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;12.236.197.20.                 IN      A

;; AUTHORITY SECTION:
.                       10800   IN      SOA     A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2009031301 1800 900 604800 86400

;; Query time: 264 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Mar 13 18:15:06 2009
;; MSG SIZE  rcvd: 106
The last post was me trying with the real block/IP.  Previous posts were just me substituting IP/network information.
This still isn't working and I've tried a million things.  The only thing I really care about is the .20 address as that is for mail.

Here's my current named.conf

---

zone "0/27.197.236.12.in-addr.arpa" {
        type master;
        file "/var/named/12.236.197.rev";
        };

---

Here is the zone file

$TTL    86400
$ORIGIN 0/27.197.236.12.in-addr.arpa.
@       IN      SOA     ns1.teleformix.com. infrastructure.teleformix.com. (
                        2009032414
                        10800
                        3600
                        604800
                        38400 )
        IN      NS      ns1.teleformix.com.
        IN      NS      ns2.teleformix.com.
1       PTR     host1.teleformix.com.
2       PTR     host2.teleformix.com.
3       PTR     host3.teleformix.com.
4       PTR     host4.teleformix.com.
5       PTR     host5.teleformix.com.
6       PTR     host6.teleformix.com.
7       PTR     host7.teleformix.com.
8       PTR     host8.teleformix.com.
9       PTR     host9.teleformix.com.
10      PTR     host10.teleformix.com.
11      PTR     host11.teleformix.com.
12      PTR     host12.teleformix.com.
13      PTR     host13.teleformix.com.
14      PTR     host14.teleformix.com.
15      PTR     host15.teleformix.com.
16      PTR     host16.teleformix.com.
17      PTR     host17.teleformix.com.
18      PTR     host18.teleformix.com.
19      PTR     host19.teleformix.com.
20      PTR     email.teleformix.com.
21      PTR     host21.teleformix.com.
22      PTR     host22.teleformix.com.
23      PTR     host23.teleformix.com.
24      PTR     host24.teleformix.com.
25      PTR     host25.teleformix.com.
26      PTR     host26.teleformix.com.
27      PTR     host27.teleformix.com.
28      PTR     host28.teleformix.com.
29      PTR     host29.teleformix.com.
30      PTR     host30.teleformix.com.
31      PTR     host31.teleformix.com.

---

Here is what I see from an outside source using dig.

dig -x '12.236.197.20' +trace

; <<>> DiG 9.3.2 <<>> -x 12.236.197.20 +trace
 ;; global options:  printcmd
 .                  203425      IN      NS      G.ROOT-SERVERS.NET.
 .                  203425      IN      NS      H.ROOT-SERVERS.NET.
 .                  203425      IN      NS      I.ROOT-SERVERS.NET.
 .                  203425      IN      NS      J.ROOT-SERVERS.NET.
 .                  203425      IN      NS      K.ROOT-SERVERS.NET.
 .                  203425      IN      NS      L.ROOT-SERVERS.NET.
 .                  203425      IN      NS      M.ROOT-SERVERS.NET.
 .                  203425      IN      NS      A.ROOT-SERVERS.NET.
 .                  203425      IN      NS      B.ROOT-SERVERS.NET.
 .                  203425      IN      NS      C.ROOT-SERVERS.NET.
 .                  203425      IN      NS      D.ROOT-SERVERS.NET.
 .                  203425      IN      NS      E.ROOT-SERVERS.NET.
 .                  203425      IN      NS      F.ROOT-SERVERS.NET.
 ;; Received 228 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
 
 12.in-addr.arpa.      86400      IN      NS      CBRU.BR.NS.ELS-GMS.ATT.NET.
 12.in-addr.arpa.      86400      IN      NS      DMTU.MT.NS.ELS-GMS.ATT.NET.
 12.in-addr.arpa.      86400      IN      NS      DBRU.BR.NS.ELS-GMS.ATT.NET.
 12.in-addr.arpa.      86400      IN      NS      CMTU.MT.NS.ELS-GMS.ATT.NET.
 ;; Received 144 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 213 ms
 
 20.197.236.12.in-addr.arpa. 86400 IN      CNAME      20.0/27.197.236.12.in-addr.arpa.
 0/27.197.236.12.in-addr.arpa. 86400 IN      NS      ns2.teleformix.com.
 0/27.197.236.12.in-addr.arpa. 86400 IN      NS      ns1.teleformix.com.
 ;; Received 116 bytes from 199.191.128.105#53(CBRU.BR.NS.ELS-GMS.ATT.NET) in 122 ms


Someone please help!!!
I'd like to award the points because the link was correct.  We were doing everything right initially but we never gave it time to propagate before trying something else.  So omarfarid should get the points for offering a solution that was technically correct.
Thanks :)
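
The RFC 2317 hand-off asked about in this thread, modelled as an added example (not code from any poster): the parent /24 zone holds NS records for the `0/27` child zone plus one CNAME per host, and a PTR lookup only succeeds once that CNAME is visible. The function names are hypothetical and the data reuses the placeholder 10.11.12.0/27 block and example.com names from the question.

```python
import ipaddress

def child_zone(network):
    """Zone name the customer serves, using the '<first-octet>/<prefix>' label from the thread."""
    net = ipaddress.ip_network(network)
    if not 24 < net.prefixlen <= 32:
        raise ValueError("RFC 2317 naming applies to blocks smaller than a /24")
    a, b, c, d = str(net.network_address).split(".")
    return f"{d}/{net.prefixlen}.{c}.{b}.{a}.in-addr.arpa."

def parent_records(network, nameservers):
    """Records the ISP adds to its /24 zone: NS for the child zone plus one CNAME per host."""
    net, zone = ipaddress.ip_network(network), child_zone(network)
    records = [(zone, "NS", ns) for ns in nameservers]
    for addr in net.hosts():
        last_octet = str(addr).rsplit(".", 1)[1]
        records.append((addr.reverse_pointer + ".", "CNAME", f"{last_octet}.{zone}"))
    return records

def resolve_ptr(ip, parent, child):
    """Follow natural name -> parent CNAME -> PTR in the child zone; return (chain, answer)."""
    name = ipaddress.ip_address(ip).reverse_pointer + "."
    chain = [name]
    for owner, rtype, target in parent:
        if owner == name and rtype == "CNAME":
            name = target
            chain.append(name)
            break
    for owner, rtype, target in child:
        if owner == name and rtype == "PTR":
            return chain, target
    return chain, None

# Constructed sample data, reusing the placeholder block and names from the question.
PARENT = parent_records("10.11.12.0/27", ["ns1.example.com.", "ns2.example.com."])
CHILD = [("20.0/27.12.11.10.in-addr.arpa.", "PTR", "email.example.com.")]

if __name__ == "__main__":
    for owner, rtype, target in PARENT[:4]:
        print(f"{owner:32} IN {rtype:5} {target}")
    print(resolve_ptr("10.11.12.20", PARENT, CHILD))  # CNAME followed into the child zone
    print(resolve_ptr("10.11.12.20", [], CHILD))      # no parent CNAME visible: no answer
```

The second call shows why a query for the natural name `20.12.11.10.in-addr.arpa` gets no answer from the child zone alone: that zone only owns names under the `0/27` label.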