reverse DNS config is giving me fits

  • #367123
    gw1500se
    Participant

    I am desperate for help on this as I have been struggling with it for weeks. 😥 What I am getting is completely inexplicable to me. I have 2 subnets for which I have set up reverse DNS. One works and the other doesn’t. I have been over the files a thousand times and cannot find why one works and the other doesn’t. I am hoping another pair of eyes can spot what I cannot. The working network is 64-28.181.255.66.in-addr.arpa and the non-working one is 128-27.55.158.72.in-addr.arpa. Here are my config files:

    [code]
    $TTL 86400
    64-28.181.255.66.in-addr.arpa. IN SOA xserveoda.181.255.66.in-addr.arpa. support.aimaudit.com. (
    2006020801 ; serial
    2H ; refresh
    2H ; retry
    1W ; expiry
    1D ) ; minimum
    64-28.181.255.66.in-addr.arpa. IN NS ns1.comlanta.net.
    64-28.181.255.66.in-addr.arpa. IN NS ns2.comlanta.net.
    64-28.181.255.66.in-addr.arpa. IN NS xserveobd.aimaudit.com.
    64-28.181.255.66.in-addr.arpa. IN NS xservetwo.aimaudit.com.
    64-28.181.255.66.in-addr.arpa. IN NS xserveone.aimaudit.biz.
    67 IN PTR aimwebserver.aimaudit.biz.
    68 IN PTR 4dserverxp.aimaudit.biz.
    69 IN PTR xserveone.aimaudit.biz.
    70 IN PTR citrix02.aimaudit.biz.
    71 IN PTR imageone.aimaudit.biz.
    72 IN PTR imageone-raid.aimaudit.biz.
    73 IN PTR imageone-raid-2.aimaudit.biz.
    [/code]
    [code]
    $TTL 86400
    128-27.55.158.72.in-addr.arpa. IN SOA xserveoda.55.158.72.in-addr.arpa. support.aimaudit.com. (
    2006091802 ; serial
    2H ; refresh
    2H ; retry
    1W ; expiry
    1D ) ; minimum
    ; nameservers

    128-27.55.158.72.in-addr.arpa. IN NS ns2.cl.bellsouth.net.
    128-27.55.158.72.in-addr.arpa. IN NS ns3.cl.bellsouth.net.
    128-27.55.158.72.in-addr.arpa. IN NS xserveodb.aimaudit.com.
    128-27.55.158.72.in-addr.arpa. IN NS xservetwo.aimaudit.com.
    128-27.55.158.72.in-addr.arpa. IN NS xserveone.aimaudit.biz.

    ;hosts

    129 IN PTR xservehaa.dev.aimaudit.com.
    130 IN PTR ImageONE-RAID.dev.aimaudit.com.
    131 IN PTR aimwebserver.dev.aimaudit.com.
    132 IN PTR 4dserverxp.dev.aimaudit.com.
    133 IN PTR aimdlink1.dev.aimaudit.com.
    134 IN PTR xraidc1.dev.aimaudit.com.
    135 IN PTR xservehab.dev.aimaudit.com.
    [/code]
    FWIW, here is the typical ‘dig’ output.
    [code]
    dig -x 66.255.181.70

    ; <<>> DiG 9.2.2 <<>> -x 66.255.181.70
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42978
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 5, ADDITIONAL: 2

    ;; QUESTION SECTION:
    ;70.181.255.66.in-addr.arpa. IN PTR

    ;; ANSWER SECTION:
    70.181.255.66.in-addr.arpa. 1656 IN CNAME 70.64-28.181.255.66.in-addr.arpa.
    70.64-28.181.255.66.in-addr.arpa. 86400 IN PTR citrix02.aimaudit.biz.

    ;; AUTHORITY SECTION:
    64-28.181.255.66.in-addr.arpa. 86400 IN NS xservetwo.aimaudit.com.
    64-28.181.255.66.in-addr.arpa. 86400 IN NS ns1.comlanta.net.
    64-28.181.255.66.in-addr.arpa. 86400 IN NS ns2.comlanta.net.
    64-28.181.255.66.in-addr.arpa. 86400 IN NS xserveobd.aimaudit.com.
    64-28.181.255.66.in-addr.arpa. 86400 IN NS xserveone.aimaudit.biz.

    ;; ADDITIONAL SECTION:
    xserveone.aimaudit.biz. 86400 IN A 66.255.181.69
    xservetwo.aimaudit.com. 86400 IN A 72.158.55.162

    ;; Query time: 1 msec
    ;; SERVER: 70.158.194.7#53(70.158.194.7)
    ;; WHEN: Wed Sep 27 09:48:10 2006
    ;; MSG SIZE rcvd: 266
    [/code]
    [code]
    dig -x 72.158.55.135

    ; <<>> DiG 9.2.2 <<>> -x 72.158.55.135
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 55908
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;135.55.158.72.in-addr.arpa. IN PTR

    ;; Query time: 624 msec
    ;; SERVER: 70.158.194.7#53(70.158.194.7)
    ;; WHEN: Wed Sep 27 10:00:26 2006
    ;; MSG SIZE rcvd: 44
    [/code]
    I cannot find the difference between the two if my life depended on it (and maybe it does). TIA.

    #367189
    gw1500se
    Participant

    I finally got some help from another source on this. In case anyone is interested, it turns out that the difference was in the way our ISP was pulling the zone. The format was changed to a 5 octet format instead of the dash format. It turns out that Apple seems unable to understand classless subnets. There apparently is a bug in ‘changeip’ that cannot handle anything less than a full class C network. It was the incorrect output from ‘changeip’ that precipitated my messing with the DNS zone files in the first place.

    #367286
    gw1500se
    Participant

    [QUOTE][u]Quote by: MacTroll[/u]

    I’m not quite sure how a subnet factors into changeip, nor what a 5-octet format is.

    [/QUOTE]

    When I set up my classless subnet zone in /etc/named.conf using 5 octets it looks like this:
    [code]
    zone "128.55.158.72.in-addr.arpa" IN {
    type master;
    file "db.72.158.55";
    };
    [/code]
    As opposed to my original format (but this is an issue with the way my ISP was pulling the zone not an incorrect format):
    [code]
    zone "128-27.55.158.72.in-addr.arpa" IN {
    type master;
    file "db.72.158.55";
    };
    [/code]
    Apple’s ‘changeip’ cannot handle the way ‘dig’ returns the reverse answer and produces an error saying “The DNS hostname is not available, please repair DNS and re-run this tool.” Of course there is nothing broken in DNS, the entry (either one actually) is legitimate for a subnet. When the network is incorrectly changed to a full class C as below, ‘changeip’ is happy:
    [code]
    zone "55.158.72.in-addr.arpa" IN {
    type master;
    file "db.72.158.55";
    };
    [/code]
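
Added example, not part of the original thread: a small Python check for the mismatch described above, where the parent /24 zone redirects PTR lookups into a child zone whose name differs from the one declared in named.conf. The function names are hypothetical, and the CNAME target used for 72.158.55.135 is constructed from the poster's description of the ISP's 5 octet format, since the thread does not show it.

```python
import ipaddress

def _parts(cidr):
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or not 24 < net.prefixlen < 32:
        raise ValueError("expected an IPv4 subnet between /25 and /31")
    a, b, c, d = str(net.network_address).split(".")
    return net, d, f"{c}.{b}.{a}.in-addr.arpa."

def candidate_zones(cidr):
    """Child-zone names in common use for a classless reverse delegation."""
    net, first, parent = _parts(cidr)
    return {
        "dash": f"{first}-{net.prefixlen}.{parent}",    # format used in the thread
        "slash": f"{first}/{net.prefixlen}.{parent}",   # RFC 2317 example form
        "five-label": f"{first}.{parent}",              # the "5 octet" format
    }

def parent_cnames(cidr, child_zone):
    """Records the parent /24 zone needs so plain PTR queries reach child_zone."""
    net, _, parent = _parts(cidr)
    last = [str(h).rsplit(".", 1)[1] for h in net.hosts()]
    return [f"{n}.{parent} IN CNAME {n}.{child_zone}" for n in last]

def served_by(cname_target, local_zone):
    """True if the name the parent redirects to lies inside the zone we load."""
    t = cname_target.lower().rstrip(".") + "."
    z = local_zone.lower().rstrip(".") + "."
    return t == z or t.endswith("." + z)

def diagnose(cidr, cname_target, local_zone):
    """Return (convention the parent uses, zone name to declare, local zone matches?)."""
    for style, zone in candidate_zones(cidr).items():
        if served_by(cname_target, zone):
            return style, zone, served_by(cname_target, local_zone)
    return None, None, False

# Working subnet: CNAME target copied from the dig output in the first post.
WORKING = diagnose("66.255.181.64/28", "70.64-28.181.255.66.in-addr.arpa.",
                   "64-28.181.255.66.in-addr.arpa")
# Failing subnet: CNAME target CONSTRUCTED (assumed five-label parent format).
FAILING = diagnose("72.158.55.128/27", "135.128.55.158.72.in-addr.arpa.",
                   "128-27.55.158.72.in-addr.arpa")

if __name__ == "__main__":
    print(WORKING)
    print(FAILING)
```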
