[svlug] bind 9.2 9.3 reverse DNS subnets

Jeff Frost jeff at frostconsultingllc.com
Thu Mar 1 11:48:42 PST 2007 

On Thu, 1 Mar 2007, Florin Andrei wrote:

> Jeff Frost wrote:
>>
>> So, if you're just testing local, how does your dig query and answer look?
>
> #########################################################
> # dig @localhost 193.140.YYY.XXX.in-addr.arpa. PTR
>
> ; <<>> DiG 9.2.4 <<>> @localhost 193.140.YYY.XXX.in-addr.arpa. PTR
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12734
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;193.140.YYY.XXX.in-addr.arpa.   IN      PTR
>
> ;; Query time: 2 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Thu Mar  1 11:24:25 2007
> ;; MSG SIZE  rcvd: 45
> ########################################################
>
> So it fails: "status: SERVFAIL"
>
> The problem is, the other server I was talking about is configured in an
> identical manner, just on a different address space, and it works (and
> it's bind 9.3 instead of 9.2).

What's with the XXX and YYY?  Are you trying to genericize your query.  I just 
do this locally for reverse lookups:

discord:~ $ dig @localhost -x  10.10.10.1

; <<>> DiG 9.3.4 <<>> @localhost -x 10.10.10.1
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16166
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;1.10.10.10.in-addr.arpa.       IN      PTR

;; ANSWER SECTION:
1.10.10.10.in-addr.arpa. 1800   IN      PTR 
discord.home.frostconsultingllc.com.

;; AUTHORITY SECTION:
10.10.10.in-addr.arpa.  1800    IN      NS 
discord.home.frostconsultingllc.com.

;; ADDITIONAL SECTION:
discord.home.frostconsultingllc.com. 1800 IN A  10.10.10.1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Mar  1 11:46:45 2007
;; MSG SIZE  rcvd: 120


But anyway, why don't we take a different road and see your bind config files 
from both the working and non-working servers including the named.conf and the 
actual zone files.

And of course you've already checked in /var/log/messages for any named 
related errors right?

-- 
Jeff Frost, Owner 	<jeff at frostconsultingllc.com>
Frost Consulting, LLC 	http://www.frostconsultingllc.com/
Phone: 650-780-7908	FAX: 650-649-1954

More information about the Svlug mailing list