On Fri, Sep 06, 2002 at 04:06:40PM +0200, Brad Knowles wrote:
At 3:32 PM +0200 2002/09/06, Brad Knowles wrote:
Have a look, for example, at the reverses for 193.109.122.192/28 and let me know if you can find anything wrong with those. [snip] The key phrase is "A correctly operating resolving proxy DNS server must discard them ...".
Yes. This is your original complaint about matching apexes with delegations. I am not violating that condition, however.
Now, if you wanted to do separate zone files, and make sure that each zone file doesn't contain any out-of-zone data, that would be a different issue. But this is like handing people sticks of dynamite, flamethrowers, and encouraging them to ignite the explosives they're holding in their hands.
I am doing separate zone files. Each IP delegated to me is a separate zone. Now, again, what is wrong with that?
DNS Expert Detailed Report for 192.122.109.193.in-addr.arpa. 9/6/02, 4:05 PM, using the analysis setting "Everything" ======================================================================
Information ---------------------------------------------------------------------- Serial number: 1031317961 Primary name server: ns.dataloss.nl. Primary mail server: N/A Number of records: N/A
Errors ---------------------------------------------------------------------- o The reverse zone contains one or more A records The reverse domain "192.122.109.193.in-addr.arpa." contains one or more A records. A records should only be placed in forward-mapping domains.
What A-records is it talking about? I am not seeing any. [axfr is closed] [banter about SOA values] [all servers on the same subnet]
DNS Expert Detailed Report for 193.122.109.193.in-addr.arpa. 9/6/02, 4:05 PM, using the analysis setting "Everything" ======================================================================
Information ---------------------------------------------------------------------- Serial number: 1031317961 Primary name server: ns.dataloss.nl. Primary mail server: N/A Number of records: N/A
Errors ---------------------------------------------------------------------- o The reverse zone contains one or more A records The reverse domain "193.122.109.193.in-addr.arpa." contains one or more A records. A records should only be placed in forward-mapping domains.
Again, I am not seeing any A records. [no axfr] [soa values] [all servers on the same subnet]
What about this?
% dnswalk -ralF 122.109.193.in-addr.arpa. Checking 122.109.193.in-addr.arpa. Getting zone transfer of 122.109.193.in-addr.arpa. from ns2.bit.nl...done. SOA=ns.bit.nl contact=root.bit.nl
[hosts outside my /29] [failed zonetransfers] Nothing there that's wrong with my /29.
DNS Expert Detailed Report for 122.109.193.in-addr.arpa.
This is the parent zone.
9/6/02, 3:56 PM, using the analysis setting "Everything" ======================================================================
Information ---------------------------------------------------------------------- Serial number: 2002090401 Primary name server: ns.bit.nl. Primary mail server: N/A Number of records: 112 (34 NS, 0 MX, 0 A, 0 CNAME, 78 PTR, 0 Other)
Errors ----------------------------------------------------------------------
[hosts outside my /29] Indeed, you found some things wrong with the /24 zone, but that was not the subject, and nothing you found wrong with the /24 is related to the /29. Greetz, Peter -- peter@dataloss.nl | http://www.dataloss.nl/ | Undernet:#clue