In message <4d8a0386.3080...@laas.fr>, Olivier Destras writes:
> Hi,
>
> I'm using software which uses bind and I'm experiencing a problem with
> the reverse dns function of bind.
> I only have private addresses on my network but the nodes also have dns
> names. There is a server on this network, which is also a name server,
> that has internet through a gateway.
> When my nodes are doing a dns query to the server, everything is ok and
> they get their corresponding (private) IP address.
> The problem occurs when a node is sending a reverse dns query to the
> server. The server should return the name that matches the IP address
> but instead I have this error in the bind log
>
> 21-Mar-2011 14:53:44.389 security: warning: client 10.100.2.129#61940:
> view internal: RFC 1918 response from Internet for 5.2.100.10.in-addr.arpa
>
> In this case 10.100.2.5 (or 5.2.100.10) is the server itself so it
> should be able to get its own name

Only if you have configured the reverse zone. You need to configure a
zone with a "5.2.100.10.in-addr.arpa. PTR <name>." record. e.g.

	10.in-addr.arpa.
		5.2.100 PTR <name>.
or
	100.10.in-addr.arpa.
		5.2 PTR <name>.
or
	2.100.10.in-addr.arpa.
		5 PTR <name>.
or
	5.2.100.10.in-addr.arpa.
		@ PTR <name>.

> This "response from Internet" seems weird to me because it should not
> ask an internet name server since it is a private address. I checked with
> tcpdump and I didn't see any dns query going out of the server so it's
> not doing recursive lookups

Did you clear the cache before checking?

> Can anyone help with this? Does bind have a special option for private
> addresses?

No. Named knows what the public servers for 10.in-addr.arpa return in
the SOA record and warns if it sees those values.

10.in-addr.arpa. 10800 IN SOA prisoner.iana.org. hostmaster.root-servers.org. 2002040800 1800 900 604800 604800

> I've seen that there is a reverse folder in /etc/namedb with file names
> like this "10.0.252.db", are these files used for the reverse dns
> resolution? I tried to add a file for the subnetwork I use (10.100.2)
> but this didn't change anything
>
> Here is a tcpdump of the communication between the node and the server
> showing the failing query
>
> 10:42:35.494523 IP 10.100.2.129.60331 > boss.vlan100.domain: 42377+ PTR? 5.2.100.10.in-addr.arpa. (41)
> 10:42:35.494691 IP boss.vlan100.domain > 10.100.2.129.60331: 42377 NXDomain 0/1/0 (118)
> 10:42:35.495019 IP 10.100.2.129.54934 > boss.vlan100.domain: 42378+ A? UNKNOWN.vlan100. (33)
> 10:42:35.495090 IP boss.vlan100.domain > 10.100.2.129.54934: 42378 NXDomain* 0/1/0 (86)
> 10:42:35.495416 IP 10.100.2.129.64666 > boss.vlan100.domain: 42379+ A? UNKNOWN. (25)
> 10:42:35.495469 IP boss.vlan100.domain > 10.100.2.129.64666: 42379 NXDomain 0/1/0 (100)
>
>
> Thanks in advance
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org
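The four zone cuts Mark lists are all the same rule applied at different depths: the reverse name 5.2.100.10.in-addr.arpa is split into a zone apex and a relative owner label, and the PTR record goes under whichever apex the local server is authoritative for. The following script is an added example, not code from the thread or from ISC: it computes the reverse name for an IPv4 address, reports whether it is RFC 1918 space (in which case the public in-addr.arpa servers will only ever return the prisoner.iana.org SOA that named warns about, so the zone must be served locally), enumerates the (apex, owner) pairs, and renders a minimal master zone file and the matching named.conf stanza. The server name boss.vlan100 is taken from the tcpdump in the thread; the node name node129, the hostmaster mailbox, the SOA serial and the file path under /etc/namedb/reverse/ are constructed placeholders.

```python
"""Added example (not from the bind-users thread): given a private IPv4
address, work out which reverse (in-addr.arpa) zone could hold its PTR
record, which owner label the record needs inside that zone, and render a
minimal zone file plus named.conf stanza for the chosen cut."""
import ipaddress

# RFC 1918 blocks. For these, the public in-addr.arpa servers hand back the
# prisoner.iana.org SOA quoted in the thread, which is exactly the answer
# named flags as "RFC 1918 response from Internet".
RFC1918_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True when addr is private and therefore must be reverse-mapped locally."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918_NETS)


def reverse_name(addr):
    """'10.100.2.5' -> '5.2.100.10.in-addr.arpa' (no trailing dot)."""
    return ipaddress.ip_address(addr).reverse_pointer


def zone_choices(addr):
    """All four (zone apex, owner label) cuts of the reverse name, from the
    /8-wide zone down to a zone for the single address, in the order the
    reply above lists them."""
    octets = reverse_name(addr).split(".")[:4]   # ['5', '2', '100', '10']
    choices = []
    for keep in range(1, 5):                      # octets placed in the apex
        apex = ".".join(octets[4 - keep:] + ["in-addr", "arpa"]) + "."
        owner = ".".join(octets[:4 - keep]) or "@"
        choices.append((apex, owner))
    return choices


def ptr_owner(addr, apex):
    """Owner label for addr's PTR record relative to apex; ValueError if the
    address does not fall under that zone."""
    for candidate, owner in zone_choices(addr):
        if candidate == apex:
            return owner
    raise ValueError(f"{addr} is not covered by zone {apex}")


def render_zone(apex, ptr_map, primary_ns="boss.vlan100.",
                mailbox="hostmaster.vlan100."):
    """Minimal master zone file text. ptr_map maps address -> FQDN (with a
    trailing dot). boss.vlan100 is the server seen in the thread's tcpdump;
    the mailbox and the serial are constructed placeholders."""
    lines = [
        f"$ORIGIN {apex}",
        "$TTL 3600",
        f"@ IN SOA {primary_ns} {mailbox} 2011032101 3600 900 604800 300",
        f"@ IN NS {primary_ns}",
    ]
    for addr, fqdn in ptr_map.items():
        lines.append(f"{ptr_owner(addr, apex)} IN PTR {fqdn}")
    return "\n".join(lines) + "\n"


def named_conf_stanza(apex, path):
    """Zone statement that makes named authoritative for the file, so the
    lookup is answered locally instead of from the public servers."""
    return (f'zone "{apex.rstrip(".")}" {{\n'
            f'    type master;\n'
            f'    file "{path}";\n'
            f'}};\n')


if __name__ == "__main__":
    server = "10.100.2.5"
    print("RFC 1918:", is_rfc1918(server), "reverse name:", reverse_name(server))
    for apex, owner in zone_choices(server):
        print(f"  {apex:28} {owner} PTR boss.vlan100.")
    apex = "2.100.10.in-addr.arpa."
    # node129 is a constructed name for the querying client in the tcpdump
    hosts = {server: "boss.vlan100.", "10.100.2.129": "node129.vlan100."}
    print(named_conf_stanza(apex, "/etc/namedb/reverse/10.100.2.db"))
    print(render_zone(apex, hosts))
```

After writing the generated file and adding the stanza to named.conf, reload named and flush its cache before retesting, since a cached answer from the public servers would otherwise keep producing the same warning.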