 |  |
At 1:42 PM -0600 2/18/05, Larry Scott Hastings wrote:
Re: Reverse DNS
From: Men & Mice Support
Date: Saturday, February 19, 2005
Time: 8:13:59 am
>Sorry for the delayed response.
>
>Thanks, Chris. Lots of helpful info there.
>
>In regard to restarting the name server: Yes I have restarted the
>server, same results.
>
>Although my server is the primary master server, I've not listed it
>in the zone files as one of the name servers. Could that be causing
>all or some of these problems (failing reverse lookups, incorrect
>SOA info on secondaries, possible corrupted cache)?
No. That's a strategy called "hidden master". Perfectly normal.
You should ask xspedius.net to fix their configuration so that
they're using your server as master instead of having their own copy
of the zone.
Chris Buxton
Men & Mice - Making DNS Easy
>On Feb 15, 2005, at 9:03 AM, Men & Mice Support wrote:
>
>>The difference in 'host' command output is caused by the fact that
>>I'm querying from the outside - my machine ends up finding the
>>delegation records and returning them as the answer. You're
>>querying your own server, which returns the authority records from
>>your reverse zone.
>>
>>Here's the output of a 'dig +trace' command:
>>
>>$ dig +trace ns 208.253.216.in-addr.arpa
>>
>>; <<>> DiG 9.3.0 <<>> +trace ns 208.253.216.in-addr.arpa
>>;; global options: printcmd
>>. 65795 IN NS G.ROOT-SERVERS.NET.
>>. 65795 IN NS H.ROOT-SERVERS.NET.
>>. 65795 IN NS I.ROOT-SERVERS.NET.
>>. 65795 IN NS J.ROOT-SERVERS.NET.
>>. 65795 IN NS K.ROOT-SERVERS.NET.
>>. 65795 IN NS L.ROOT-SERVERS.NET.
>>. 65795 IN NS M.ROOT-SERVERS.NET.
>>. 65795 IN NS A.ROOT-SERVERS.NET.
>>. 65795 IN NS B.ROOT-SERVERS.NET.
>>. 65795 IN NS C.ROOT-SERVERS.NET.
>>. 65795 IN NS D.ROOT-SERVERS.NET.
>>. 65795 IN NS E.ROOT-SERVERS.NET.
>>. 65795 IN NS F.ROOT-SERVERS.NET.
>>;; Received 244 bytes from 217.151.171.21#53(217.151.171.21) in 207 ms
>>
>>216.in-addr.arpa. 86400 IN NS chia.ARIN.NET.
>>216.in-addr.arpa. 86400 IN NS dill.ARIN.NET.
>>216.in-addr.arpa. 86400 IN NS BASIL.ARIN.NET.
>>216.in-addr.arpa. 86400 IN NS henna.ARIN.NET.
>>216.in-addr.arpa. 86400 IN NS indigo.ARIN.NET.
>>216.in-addr.arpa. 86400 IN NS epazote.ARIN.NET.
>>216.in-addr.arpa. 86400 IN NS figwort.ARIN.NET.
>>;; Received 193 bytes from 128.63.2.53#53(H.ROOT-SERVERS.NET) in 802 ms
>>
>>253.216.in-addr.arpa. 86400 IN NS dns1.xspedius.net.
>>253.216.in-addr.arpa. 86400 IN NS dns2.xspedius.net.
>>253.216.in-addr.arpa. 86400 IN NS dns3.xspedius.net.
>>;; Received 111 bytes from 192.35.51.32#53(dill.ARIN.NET) in 901 ms
>>
>>208.253.216.in-addr.arpa. 7200 IN NS dns1.xspedius.net.
>>208.253.216.in-addr.arpa. 7200 IN NS dns2.xspedius.net.
>>208.253.216.in-addr.arpa. 7200 IN NS dns3.xspedius.net.
>>;; Received 159 bytes from 207.191.50.10#53(dns1.xspedius.net) in 975 ms
>>
>>
>>After that, I went looking for a more detailed response:
>>
>>$ dig +norec soa 208.253.216.in-addr.arpa @dns1.xspedius.net
>>
>>; <<>> DiG 9.3.0 <<>> +norec soa 208.253.216.in-addr.arpa @dns1.xspedius.net
>>;; global options: printcmd
>>;; Got answer:
>>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2936
>>;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
>>
>>;; QUESTION SECTION:
>>;208.253.216.in-addr.arpa. IN SOA
>>
>>;; ANSWER SECTION:
>>208.253.216.in-addr.arpa. 7200 IN SOA dns1.xspedius.net.
>>domain.xspedius.net. 2005010801 3600 1800 1209600 3600
>>
>>;; AUTHORITY SECTION:
>>208.253.216.in-addr.arpa. 7200 IN NS dns3.xspedius.net.
>>208.253.216.in-addr.arpa. 7200 IN NS dns1.xspedius.net.
>>208.253.216.in-addr.arpa. 7200 IN NS dns2.xspedius.net.
>>
>>;; ADDITIONAL SECTION:
>>dns1.xspedius.net. 7200 IN A 207.191.50.10
>>dns2.xspedius.net. 7200 IN A 207.191.1.10
>>dns3.xspedius.net. 7200 IN A 206.222.97.50
>>
>>;; Query time: 371 msec
>>;; SERVER: 207.191.50.10#53(dns1.xspedius.net)
>>;; WHEN: Tue Feb 15 06:52:50 2005
>>;; MSG SIZE rcvd: 202
>>
>>
>>Notice the SOA record's mname field (the name of the primary master
>>server). It doesn't show your server. Also notice that the response
>>is marked authoritative (flag aa). This tells me that they're not
>>acting as slaves for your copy of the zone - they have their own
>>copy of the zone, and they're ignoring your version.
>>
>>Here's the same query, sent to your server:
>>
>>$ dig +norec soa 208.253.216.in-addr.arpa @dns.hastings.com
>>
>>; <<>> DiG 9.3.0 <<>> +norec soa 208.253.216.in-addr.arpa @dns.hastings.com
>>;; global options: printcmd
>>;; Got answer:
>>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60246
>>;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
>>
>>;; QUESTION SECTION:
>>;208.253.216.in-addr.arpa. IN SOA
>>
>>;; ANSWER SECTION:
>>208.253.216.in-addr.arpa. 86400 IN SOA dns.hastings.com.
>>scott.hastings.com. 2005021413 28800 7200 604800 86400
>>
>>;; AUTHORITY SECTION:
>>208.253.216.in-addr.arpa. 86400 IN NS dns1.xspedius.net.
>>208.253.216.in-addr.arpa. 86400 IN NS dns2.xspedius.net.
>>208.253.216.in-addr.arpa. 86400 IN NS dns3.xspedius.net.
>>
>>;; ADDITIONAL SECTION:
>>dns1.xspedius.net. 101458 IN A 207.191.50.10
>>dns2.xspedius.net. 100073 IN A 207.191.1.10
>>dns3.xspedius.net. 114930 IN A 206.222.97.50
>>
>>;; Query time: 387 msec
>>;; SERVER: 216.253.208.2#53(dns.hastings.com)
>>;; WHEN: Tue Feb 15 06:55:46 2005
>>;; MSG SIZE rcvd: 217
>>
>>
>>Given the fact that a query for a PTR record (to your server) gets
>>back an indication that the class B subnet reverse is handled by
>>the IANA blackhole servers, I'm guessing either your server's cache
>>is corrupted or some intervening agent has corrupted cache records;
>>the class B subnet reverse zone is quite clearly delegated to
>>xspedius.net (as shown in the trace above).
>>
>>Have you tried restarting the DNS service on your server?
>>
>>Chris Buxton
>>Men & Mice - Making DNS Easy
>>
>>At 3:13 PM -0600 2/14/05, Larry Scott Hastings wrote:
>>>OK, seems my ISP changed the names of their secondary servers on
>>>me. I updated those in my zone file for the reverse domain.
>>>
>>>I still have basically the same question/problem: A lookup for a
>>>PTR record for my mail server fails. I'm having trouble sending
>>>some emails as a result.
>>>
>>>The reverse zone is there. The PTR records are there. Why can't
>>>a reverse lookup find them? How do I fix this in QuickDNS?
>>>
>>>On Feb 14, 2005, at 12:51 PM, admin@gippy.net wrote:
>>>
>>>>On Mon, 14 Feb 2005 12:35:40 -0600
>>>> Larry Scott Hastings <lshastings@mac.com> wrote:
>>>>>From what I can see, the reverse zone _is_ delegated to us. I
>>>>>did the same host lookup as Chris, and I show my server and the
>>>>>secondaries. I also called my ISP and confirmed that I am
>>>>>primary for the reverse domain for our class C.
>>>>>
>>>>>> host -t ns 208.253.216.in-addr.arpa
>>>>>>208.253.216.in-addr.arpa name server ns2.espire.net.
>>>>>>208.253.216.in-addr.arpa name server ns3.espire.net.
>>>>>>208.253.216.in-addr.arpa name server dns.hastings.com.
>>>>>>208.253.216.in-addr.arpa name server ns1.espire.net.
>>>>
>>>>>>$ host -t ns 208.253.216.in-addr.arpa
>>>>>>208.253.216.in-addr.arpa name server dns2.xspedius.net.
>>>>>>208.253.216.in-addr.arpa name server dns3.xspedius.net.
>>>>>>208.253.216.in-addr.arpa name server dns1.xspedius.net.
>>>>
>>>>
>>>>I just did the same command above from my system:
>>>>
>>>>host -t ns 208.253.216.in-addr.arpa
>>>>208.253.216.in-addr.arpa name server dns3.xspedius.net.
>>>>208.253.216.in-addr.arpa name server dns1.xspedius.net.
>>>>208.253.216.in-addr.arpa name server dns2.xspedius.net.
>>>>
>>>>Same thing returned as what Chris got.
>>>>
>>>>Just as an FYI.
>>>>
>>>>Nevin Lyne
>>>>Gippy's Internet Solutions
>>>>http://www.gippy.net/
>>
>>
>>
>Thanks!
>--Scott Hastings lshastings@mac.com
Messages In This Thread:
Return to Digital Point Solutions' Home Page
| home | |
| products | |
| services | |
| support | |
| email lists |
| optigold isp | |
| optigold isp news | |
| home inspection | |
| inspectrix | |
| java companion | |
| oracle | |
| quickdns pro | |
| search engine | |
| veterinary |
| tips | |
| employees | |
| free tools | |
| portfolio | |
| jobs | |
| contact |
888/4-DPOINTSupport:
858/452-3696