Classless Delegation

Ceri Davies setantae at submonkey.net
Mon Jun 10 14:45:29 BST 2002 

On Mon, Jun 10, 2002 at 02:01:46PM +0100, David Richards wrote:
> HI 
> 
>    My ISP has finally given me control of my reverse dns. I been told it had
> something to do with classless delegation. So i look around the net to find
> help about it.

They've done it in a slightly unusual way, and not quite properly.  Read on.

> here is a copy of my reverse dns zone
>
> $TTL 86400
>
> @       IN      SOA     @       davidr.skyforge.net. (

                         ^^^
This is yucky.
Is your nameserver really called '28/160.199.204.217.in-addr.arpa ' ??
That's what you are telling the world here.
Use the name of your primary nameserver instead.

>                         3; serial
>                         28800; refresh
>                         7200; retry
>                         604800; expire
>                         86400; ttl
>                         )
>
>
>         IN      NS      ns1.skyforge.net.
>         IN      NS      ns2.skyforge.net.
>         IN      NS      ns3.skyforge.net.
>
> 161.199.204.217.in-addr.arpa.   IN      PTR     moongate.skyforge.net.
> 162.199.204.217.in-addr.arpa.   IN      PTR     spaceport.skyforge.net.
> 163.199.204.217.in-addr.arpa.   IN      PTR     atomic.skyforge.net.
> 164.199.204.217.in-addr.arpa.   IN      PTR     green-gas.skyforge.net.
> 165.199.204.217.in-addr.arpa.   IN      PTR     bubbles.skyforge.net.
> 166.199.204.217.in-addr.arpa.   IN      PTR     purplewater.skyforge.net.
> 167.199.204.217.in-addr.arpa.   IN      PTR     blacknow.skyforge.net.
> 168.199.204.217.in-addr.arpa.   IN      PTR     acidrain.skyforge.net.
> 169.199.204.217.in-addr.arpa.   IN      PTR     hardwire.skyforge.net.
> 170.199.204.217.in-addr.arpa.   IN      PTR     motherfuckers.skyforge.net.
> 171.199.204.217.in-addr.arpa.   IN      PTR     slinky.skyforge.net.
> 172.199.204.217.in-addr.arpa.   IN      PTR
> i.waste.all.my.time.ircing.on.skyforge.net.
> 173.199.204.217.in-addr.arpa.   IN      PTR     outerspace.skyforge.net.
> 174.199.204.217.in-addr.arpa.   IN      PTR     mincontrol.skyforge.net.
> 175.199.204.217.in-addr.arpa.   IN      PTR     infa.skyforge.net.

This all looks very wrong for a classless delegation.

> the stuff from named.conf is
>
> zone "28/160.199.204.217.in-addr.arpa " {

Ick, yuck, ack - you've a space in there, and the '28/' prefix is probably
what is causing your first error below.

>       type master;
>       file "/etc/namedb/primary/160.199.204.217.in-addr.arpa.zone";
> };
>
> I changed the serial as i made changes to the zone. I have been getting
> these errors. I dont understand the first one, but i dont think it is
> important. But the second one doesnt change even if I changed the serial to
> 1000 or 2 or etc...
>
> Jun 10 13:55:07 spaceport named[93608]: Zone
> "28/160.199.294.217.in-addr.arpa" (file
> /etc/namedb/primary/160.199.204.217.in-addr.arpa.zone): no SOA RR found
> Jun 10 13:55:07 spaceport named[93608]: master zone
> "28/160.199.294.217.in-addr.arpa" (IN) rejected due to errors (serial 0)
> Jun 10 13:55:07 spaceport named[93608]: Ready to answer queries.
>
> Also when i use nslookup on the server, it doesnt work the ip ?

You aren't serving the zone they've delegated you.
Witness :

{ceri at cartman}-{~} $ dig 161.199.204.217.in-addr.arpa @ns0.easynet.co.uk
<snip>
;; ANSWER SECTION:
161.199.204.217.in-addr.arpa. 86400 IN  CNAME   161.160.199.204.217.in-addr.arpa.


And :

{ceri at cartman}-{~} $ dig 173.199.204.217.in-addr.arpa @ns0.easynet.co.uk
<snip>
;; ANSWER SECTION:
173.199.204.217.in-addr.arpa. 86400 IN  CNAME   161.160.199.204.217.in-addr.arpa.

Now that's the same answer, which leads me to believe they have delegated you
160.199.204.217.in-addr.arpa, et voila :

{ceri at cartman}-{~} $ dig 160.199.204.217.in-addr.arpa ns @ns0.easynet.co.uk
<snip>
;; ANSWER SECTION:
160.199.204.217.in-addr.arpa. 86400 IN  NS      ns2.skyforge.net.
160.199.204.217.in-addr.arpa. 86400 IN  NS      ns1.skyforge.net.

So you need to be changing your stuff above to :

 $TTL 86400

 @       IN      SOA     ns1.skyforge.net.       davidr.skyforge.net. (
                         3; serial
                         28800; refresh
                         7200; retry
                         604800; expire
                         86400; ttl
                         )

         IN      NS      ns1.skyforge.net.
         IN      NS      ns2.skyforge.net.
         IN      NS      ns3.skyforge.net.

 161.160.199.204.217.in-addr.arpa.   IN      PTR     moongate.skyforge.net.
 162.160.199.204.217.in-addr.arpa.   IN      PTR     spaceport.skyforge.net.
 163.160.199.204.217.in-addr.arpa.   IN      PTR     atomic.skyforge.net.
 164.160.199.204.217.in-addr.arpa.   IN      PTR     green-gas.skyforge.net.
 165.160.199.204.217.in-addr.arpa.   IN      PTR     bubbles.skyforge.net.
 166.160.199.204.217.in-addr.arpa.   IN      PTR     purplewater.skyforge.net.
 167.160.199.204.217.in-addr.arpa.   IN      PTR     blacknow.skyforge.net.
 168.160.199.204.217.in-addr.arpa.   IN      PTR     acidrain.skyforge.net.
 169.160.199.204.217.in-addr.arpa.   IN      PTR     hardwire.skyforge.net.
 170.160.199.204.217.in-addr.arpa.   IN      PTR     motherfuckers.skyforge.net.
 171.160.199.204.217.in-addr.arpa.   IN      PTR     slinky.skyforge.net.
 172.160.199.204.217.in-addr.arpa.   IN      PTR     i.waste.all.my.time.ircing.on.skyforge.net.
 173.160.199.204.217.in-addr.arpa.   IN      PTR     outerspace.skyforge.net.
 174.160.199.204.217.in-addr.arpa.   IN      PTR     mincontrol.skyforge.net.
 175.160.199.204.217.in-addr.arpa.   IN      PTR     infa.skyforge.net.

And then in named.conf :

 zone "160.199.204.217.in-addr.arpa" {
       type master;
       file "/etc/namedb/primary/160.199.204.217.in-addr.arpa.zone";
 };

Then you need to get on the phone to EasyNet and ask them why all the reverse
delegations point at the same CNAME.

Should sort it.

Ceri

-- 
you can't see when light's so strong
you can't see when light is gone

More information about the Ukfreebsd mailing list