Solved

Reverse DNS delegation from ATT

Posted on 2014-03-06
5
388 Views
Last Modified: 2014-03-14
I already have this working, but I'm hoping someone can help me to understand why. One of the services my company provides to our clients is DNS hosting, including rDNS if they can get their IPs delegated to us.

In the past I've always set up our rDNS zones using a / instead of a - as I understood that was proper CIDR notation for classless subnets.

For example, if ATT delegated this block to us:  12.171.xxx.yyy/29
Then we would set up the zone on our DNS server like this: yyy/29.xxx.171.12.in-addr.arpa

For some reason this absolutely wouldn't work on the most recent delegation, so after banging my head on the wall for a while I replaced the slash with a dash and this started working:

yyy-29.xxx.171.12.in-addr.arpa

We have dozens of other delegations from ATT that worked with the / so I have no idea why this one suddenly started needing a - instead.

If it matters, we're using SimpleDNS Plus 5.1.

Thanks for reading!
0
Comment
Question by:sfcanderson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 39912311
Did you do any packet captures or enable logging (if any) in SimpleDNS to see what was going on?

The way I'm reading the doc for SimpleDNS it implies that what you had should work and as you stated, you had this working before.

http://www.simpledns.com/help/v51/index.html?rec_ptr.htm
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 39913164
2 thoughts:
1. Are you absolutely certain that there wasn't a typo in the first one?
2. How exactly are you determining whether it works or not? Is the zone not loading? Is it possible that the client side is old and doesn't recognize the / formatting?
0
 

Author Comment

by:sfcanderson
ID: 39913348
1. I'm as certain as I can be that there weren't any typos. Another engineer created it first and I looked it over with him. We didn't see any problems, but we each deleted and recreated the zone three more times over a couple of days and confirmed we were entering it correctly.

2. We ended up testing with a LOT of different methods:

Dig and nslookup on our workstations.
mxtoolbox.com, simpledns.com, dnsstuff.com, and several other websites for testing externally.

Another thing that may or may not have been useful was that I tried creating a zone using only the single IP that we needed a PTR for. It ended up looking like this:

yyz.xxx.171.12.in-addr.arpa

If I queried my nameservers directly for that IP then it would respond with the PTR, but if  we used the normal resolution methods going through root servers then it would not. This may have been by design as a DNS trace would show ATT handing off the CNAME yyy/29.xxx.171.12.in-addr.arpa to requests, but since we didn't have the full scope configured I think our DNS server was dropping them.
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 39920702
Like many things on the internet, DNS has had various 'official' standards and many interpretations of that standard.
While both of the options you have stated may have worked on some systems, the introduction of IPV6 & the new DNS standards (more TLDs, non-English characters etc) has necessitated some systems tightening up to meet more specific standards.

You may never find out why is stopped working, but you may also struggle to find anyone confirming it is should have worked in the first place, as it wasn't 'officially' accepted to use the slash in the first place I don't think.

http://dyn.com/support/reverse-dns/

http://en.wikipedia.org/wiki/Hostname
0
 

Author Closing Comment

by:sfcanderson
ID: 39929935
I'm going to go with "we'll never know why," but thanks for trying!
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question