
Re: bind9 graphical admin interface



On Tue, Apr 01, 2008 at 07:52:48PM +0200, randall wrote:
> Adam McGreggor wrote:
>> On Tue, Apr 01, 2008 at 07:01:29PM +0200, randall wrote:
>>   
>>> dear all,
>>>
>>> i have some troubles with my ISP, it's a small time ISP who manages 
>>> the glassfiber connection for our office building and provides 
>>> several services for the tenants. it's a Ms shop with a point and 
>>> click admin and i must say i'm not really impressed by his 
>>> knowledge, not really a problem since i only need the internet 
>>> connection and there is little that can go wrong there between me and 
>>> the cisco router set up there by a professional provider....except 
>>> for 1 thing.....PTR records...
>>>
>>> his software has a nice button that says do you want to create a PTR  
>>> record but it's simply not working.
>>>     
>>
>> What do dig/nslookup report?   
> NXDOMAIN
> unless i dig @his.dns.server -x directly

ok, that indicates that the changes ARE being made to your ISP's
zonefiles. so you don't need to worry about the GUI editor. it seems to
be working and it's not your problem, anyway.

it also indicates that the problem is that the .in-addr.arpa domain (aka
"reverse DNS") for his IP netblock has not been delegated to his name
server.

e.g. if the ISP's netblock is 192.168.0/24 then the .in-addr.arpa domain
for that would be 0.168.192.in-addr.arpa and that domain has to be
delegated to his name server the same as any other domain...otherwise
it's just a private domain known only to those hosts which directly
use his name-server. exactly the same as if you made up a zone file
"foo.example.com" on your name-server...you and your users would know
about it, nobody else would.

(key thing to remember here is that .in-addr.arpa domains might look
a little unusual, and they might have a special purpose, and consist
entirely of NS, SOA, and PTR records rather than A & CNAME & MX etc
records, but they ARE just another domain same as any other).


to fix:

if he has a portable netblock (i.e. he "owns" it directly, rather than
it being owned by his upstream ISP and loaned to him) then he needs
to contact whoever is responsible for IP address allocations in your
country and ask for the .in-addr.arpa domain to be delegated to his NS.

if it's a non-portable netblock owned by his upstream ISP then he needs
to contact their tech people and ask the same.

craig

-- 
craig sanders <cas@taz.net.au>
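
Added example, not part of the original message: a small offline model of the diagnosis above, showing why a PTR record that exists on the ISP's name server still yields NXDOMAIN publicly until the reverse zone is delegated. It reuses the message's 192.168.0/24 example netblock; the server names, the PTR target and the delegation tables are constructed assumptions.

```python
import ipaddress

def reverse_zone(netblock):
    """in-addr.arpa zone name for an octet-aligned IPv4 netblock (/8, /16, /24)."""
    net = ipaddress.ip_network(netblock)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only octet-aligned IPv4 netblocks are handled here")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def ptr_name(ip):
    """Name that 'dig -x <ip>' actually queries."""
    return ipaddress.ip_address(ip).reverse_pointer

def closest_delegation(name, delegations):
    """Strip labels from the left until a publicly delegated zone is found."""
    labels = name.split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        if zone in delegations:
            return zone, delegations[zone]
    return None, []

def diagnose(ip, isp_ns, delegations, isp_records):
    """Classify the situation for one address."""
    name = ptr_name(ip)
    _zone, servers = closest_delegation(name, delegations)
    if name not in isp_records:
        return "no-record"       # nothing has been created on the ISP's server
    if isp_ns in servers:
        return "ok"              # public resolvers get referred to the ISP's server
    return "not-delegated"       # record is visible only when querying the ISP directly

# Constructed sample data (hypothetical names throughout).
ISP_NS = "ns.isp.example"
ISP_RECORDS = {"25.0.168.192.in-addr.arpa": "mail.office.example"}
BEFORE = {  # public delegations stop at the upstream's zone
    "in-addr.arpa": ["ns.registry.example"],
    "168.192.in-addr.arpa": ["ns.upstream.example"],
}
# After the upstream (or the allocation authority) delegates the /24's zone.
AFTER = dict(BEFORE, **{reverse_zone("192.168.0.0/24"): [ISP_NS]})

if __name__ == "__main__":
    print(diagnose("192.168.0.25", ISP_NS, BEFORE, ISP_RECORDS))
    print(diagnose("192.168.0.25", ISP_NS, AFTER, ISP_RECORDS))
```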

