Solved

Reverse DNS delegation from ATT

Posted on 2014-03-06
5
384 Views
Last Modified: 2014-03-14
I already have this working, but I'm hoping someone can help me to understand why. One of the services my company provides to our clients is DNS hosting, including rDNS if they can get their IPs delegated to us.

In the past I've always set up our rDNS zones using a / instead of a - as I understood that was proper CIDR notation for classless subnets.

For example, if ATT delegated this block to us:  12.171.xxx.yyy/29
Then we would set up the zone on our DNS server like this: yyy/29.xxx.171.12.in-addr.arpa

For some reason this absolutely wouldn't work on the most recent delegation, so after banging my head on the wall for a while I replaced the slash with a dash and this started working:

yyy-29.xxx.171.12.in-addr.arpa

We have dozens of other delegations from ATT that worked with the / so I have no idea why this one suddenly started needing a - instead.

If it matters, we're using SimpleDNS Plus 5.1.

Thanks for reading!
0
Comment
Question by:sfcanderson
5 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 39912311
Did you do any packet captures or enable logging (if any) in SimpleDNS to see what was going on?

The way I'm reading the doc for SimpleDNS it implies that what you had should work and as you stated, you had this working before.

http://www.simpledns.com/help/v51/index.html?rec_ptr.htm
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 39913164
2 thoughts:
1. Are you absolutely certain that there wasn't a typo in the first one?
2. How exactly are you determining whether it works or not? Is the zone not loading? Is it possible that the client side is old and doesn't recognize the / formatting?
0
 

Author Comment

by:sfcanderson
ID: 39913348
1. I'm as certain as I can be that there weren't any typos. Another engineer created it first and I looked it over with him. We didn't see any problems, but we each deleted and recreated the zone three more times over a couple of days and confirmed we were entering it correctly.

2. We ended up testing with a LOT of different methods:

Dig and nslookup on our workstations.
mxtoolbox.com, simpledns.com, dnsstuff.com, and several other websites for testing externally.

Another thing that may or may not have been useful was that I tried creating a zone using only the single IP that we needed a PTR for. It ended up looking like this:

yyz.xxx.171.12.in-addr.arpa

If I queried my nameservers directly for that IP then it would respond with the PTR, but if  we used the normal resolution methods going through root servers then it would not. This may have been by design as a DNS trace would show ATT handing off the CNAME yyy/29.xxx.171.12.in-addr.arpa to requests, but since we didn't have the full scope configured I think our DNS server was dropping them.
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 39920702
Like many things on the internet, DNS has had various 'official' standards and many interpretations of that standard.
While both of the options you have stated may have worked on some systems, the introduction of IPV6 & the new DNS standards (more TLDs, non-English characters etc) has necessitated some systems tightening up to meet more specific standards.

You may never find out why is stopped working, but you may also struggle to find anyone confirming it is should have worked in the first place, as it wasn't 'officially' accepted to use the slash in the first place I don't think.

http://dyn.com/support/reverse-dns/

http://en.wikipedia.org/wiki/Hostname
0
 

Author Closing Comment

by:sfcanderson
ID: 39929935
I'm going to go with "we'll never know why," but thanks for trying!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Active directory upgrade to DFSR 4 41
Import a txt file into 2012 DNS server 2 43
DNS @ Naked Domain Record 5 84
SPF record. 2 26
This article explains how a domain name may be inadvertently appended to all DNS queries. This exhibits as described below. (CODE)And / Or: (CODE) Cause This issue can occur in either of these two scenarios. EITHER 1. A Primary DNS S…
Resolve DNS query failed errors for Exchange
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question