on 7-8-2008 11:27 AM Brian spake the following:
On Tue, July 8, 2008 12:48 pm, Scott Silva wrote:
I'm having some trouble getting reverse zones right on 5.2. The zone files worked fine on a CentOS 4.6 machine, and the forward zones moved to the new server seem OK. But for some reason I can't get anything but servfail's on remote queries to the machine. But for some reason they will answer fine if I run "host ip.ad.dr.ess" on the local machine. I stopped the firewall to help debug this, but it still fails.
Bind is listening on all the machines ip addresses.
--
You could also try
dig +trace -x 00.00.00.00
and see where it takes you.
Brian.
This is a server that seems to resolve ok. Done from my home server.
; <<>> DiG 9.2.4 <<>> +trace -x 63.110.242.66 ;; global options: printcmd <snip root server stuff> ;; Received 476 bytes from 127.0.0.1#53(127.0.0.1) in 263 ms
63.in-addr.arpa. 86400 IN NS epazote.ARIN.NET. 63.in-addr.arpa. 86400 IN NS chia.ARIN.NET. 63.in-addr.arpa. 86400 IN NS figwort.ARIN.NET. 63.in-addr.arpa. 86400 IN NS dill.ARIN.NET. 63.in-addr.arpa. 86400 IN NS henna.ARIN.NET. 63.in-addr.arpa. 86400 IN NS BASIL.ARIN.NET. 63.in-addr.arpa. 86400 IN NS indigo.ARIN.NET. ;; Received 195 bytes from 192.33.4.12#53(C.ROOT-SERVERS.NET) in 26 ms
110.63.in-addr.arpa. 86400 IN NS AUTH03.NS.UU.NET. 110.63.in-addr.arpa. 86400 IN NS AUTH00.NS.UU.NET. ;; Received 95 bytes from 192.41.162.32#53(epazote.ARIN.NET) in 85 ms
242.110.63.in-addr.arpa. 21600 IN NS auth100.ns.uu.net. 242.110.63.in-addr.arpa. 21600 IN NS auth110.ns.uu.net. ;; Received 97 bytes from 198.6.1.83#53(AUTH03.NS.UU.NET) in 129 ms
66.242.110.63.in-addr.arpa. 21600 IN CNAME 66.64.242.110.63.in-addr.arpa. 64.242.110.63.in-addr.arpa. 21600 IN NS mail.sgvwater.com. 64.242.110.63.in-addr.arpa. 21600 IN NS mail.fontanawater.com. ;; Received 127 bytes from 198.6.1.202#53(auth100.ns.uu.net) in 73 ms
----------------------------------------------
This one doesn't, it seems that the server won't answer the request.
; <<>> DiG 9.2.4 <<>> +trace -x 208.252.226.196 ;; global options: printcmd <snip root server stuff> ;; Received 512 bytes from 127.0.0.1#53(127.0.0.1) in 121 ms
208.in-addr.arpa. 86400 IN NS chia.arin.net. 208.in-addr.arpa. 86400 IN NS dill.arin.net. 208.in-addr.arpa. 86400 IN NS basil.arin.net. 208.in-addr.arpa. 86400 IN NS henna.arin.net. 208.in-addr.arpa. 86400 IN NS indigo.arin.net. 208.in-addr.arpa. 86400 IN NS epazote.arin.net. 208.in-addr.arpa. 86400 IN NS figwort.arin.net. ;; Received 197 bytes from 193.0.14.129#53(K.ROOT-SERVERS.NET) in 132 ms
252.208.in-addr.arpa. 86400 IN NS AUTH03.NS.UU.NET. 252.208.in-addr.arpa. 86400 IN NS AUTH00.NS.UU.NET. ;; Received 97 bytes from 192.5.6.32#53(chia.arin.net) in 94 ms
226.252.208.in-addr.arpa. 21600 IN NS auth02.ns.uu.net. 226.252.208.in-addr.arpa. 21600 IN NS auth20.ns.wcom.com. ;; Received 108 bytes from 198.6.1.83#53(AUTH03.NS.UU.NET) in 100 ms
196.226.252.208.in-addr.arpa. 21600 IN CNAME 196.192.226.252.208.in-addr.arpa. 192.226.252.208.in-addr.arpa. 21600 IN NS mail.sgvwater.com. ;; Received 99 bytes from 198.6.1.82#53(auth02.ns.uu.net) in 95 ms
I can get the A record fine, but it won't answer the PTR request. I'm thinking that bind just doesn't like the reverse zone file, but it doesn't toss up any errors about it.