On 2015-02-04 13:10, James Cornman wrote:
Hello,
Hi James,
- There is an SOA record for the zone 94.145.204.in-addr.arpa - There are NS records for the zone 94.145.204.in-addr.arpa - There is an NS record for 100.94.145.204.in-addr.arpa - The NS server in the content field is not hosted by our DNS servers. - I've tried toggling the out-of-zone-additional-processing, send-root-referral fields - Same behavior on auth only servers vs auth + recursor servers - Have tried setting up a zone with SOA/NS records, and A record for the customer's DNS server, PDNS: Not working. No answer returned.
Below it seems that it answers just fine though.
[james@eng:~] % dig @10.250.50.237 [2] 100.94.145.204.in-addr.arpa ptr ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @10.250.50.237 [2] 100.94.145.204.in-addr.arpa ptr ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40501 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;100.94.145.204.in-addr.arpa. IN PTR ;; AUTHORITY SECTION: 100.94.145.204.in-addr.arpa. 3600 IN NS ns17.bitronictech.net. ;; Query time: 3 msec ;; SERVER: 10.250.50.237#53(10.250.50.237) ;; WHEN: Tue Feb 3 15:48:47 2015 ;; MSG SIZE rcvd: 80
This does not seem wrong.
BIND. Works fine. [james@eng:~] % dig @208.78.27.4 [5] 100.94.145.204.in-addr.arpa ptr ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @208.78.27.4 [5] 100.94.145.204.in-addr.arpa ptr ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2875 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;100.94.145.204.in-addr.arpa. IN PTR ;; ANSWER SECTION: 100.94.145.204.in-addr.arpa. 7200 IN PTR lopfar.net. ;; AUTHORITY SECTION: 100.94.145.204.in-addr.arpa. 3600 IN NS ns17.bitronictech.net. ;; ADDITIONAL SECTION: ns17.bitronictech.net. 5046 IN A 204.145.94.184 ;; Query time: 3 msec ;; SERVER: 208.78.27.4#53(208.78.27.4) ;; WHEN: Tue Feb 3 15:48:
Here you ask with the "rd" aka recursion desired flag and it appears that your BIND Server is indeed configured to recurse for you and go ask ns17.bitronictech.net about the PTR for 100.94.145.204.in-addr.arpa. This is now recursive DNS works, however it is not how authoritative DNS works. BIND just happens to do both at the same time.
Did you try setting up a recursive nameserver to ask your PowerDNS auth Server at 10.250.50.237 for 94.145.204.in-addr.arpa and then query it for the PTR of 100.94.145.204.in-addr.arpa?
best regards, Stefan _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
