CIDR in-addr.arpa problem

Tue, 16 Mar 2010 12:23:19 -0700 

Hello all,

I have a problem with a CIDR IN-ADDR.ARPA delegation of a /28 netblock.
Domain names and IP numbers have been edited for privacy purposes.

I've had my local ISP make me a CIDR in-addr.arpa delegation for the block
192.168.33.112/28 to my name servers:
       ns1.mydomain.dom
       ns2.mydomain.dom

on my BIND-9.6.0-P1 I did the following:

in named.conf:
--------------
zone "112/28.33.168.192.in-addr.arpa" {
  type master;
  file "master/112-28.33.168.192.rev";
  allow-query { any; };
  allow-transfer { affilates; };        //irrelevant to the topic in question
  notify yes;
};

in master/112-28.33.168.192.rev:
--------------------------------
$ORIGIN 112/28.33.168.192.in-addr.arpa.
$TTL 3600       ; 1 hour
@ IN SOA  ns1.mydomain.dom. hostmaster.mydomain.dom. (
           2010031600 ; serial
           15m        ; refresh
           10m        ; retry
           1d         ; expire
           60         ; -ve cache ttl
           )
$TTL 1d
@  NS             ns1.mydomain.dom.
@  NS             ns2.mydomain.dom.
$TTL 30
113  PTR         host1.mydomain.dom.
114  PTR         host2.mydomain.dom.
;.
;.
126  PTR        hostN.mydomain.dom.

To the best on my knowledge, the above config is correct. However BIND responds 
to PTR queries authoritatively with NXDOMAIN, and, AFTER FORWARDING. It gives 
the same query respone for anything in the /24 (class C) network, not only my 
/28.
Naturally, it should NOT forward; and if it does, it should NOT respond 
authoritatively.

Using a '-' instead of '/' in the config files made no difference.
I tried this on BIND-9.6.0-P1 on FreeBSD-7.1 and BIND-9.4.3-P3 on CentOS 5.3 
with the same results.

BIND 9.6 was built in a standard way as FreeBSD port. This is how it was as 
obtained from syslog:
built with '--localstatedir=/var' '--disable-linux-caps' 
'--with-randomdev=/dev/random' '--with-openssl=/usr' 
'--with-libxml2=/usr/local' '--without-idn' '--enable-threads' 
'--sysconfdir=/etc/namedb' '--prefix=/usr' '--mandir=/usr/share/man' 
'--infodir=/usr/share/info/' '--build=x86_64-portbld-freebsd7.1' 
'build_alias=x86_64-portbld-freebsd7.1' 'CC=cc' 'CFLAGS=-O2 
-fno-strict-aliasing -pipe' 'LDFLAGS= -rpath=/usr/lib:/usr/local/lib' 'CXX=c++' 
'CXXFLAGS=-O2 -fno-strict-aliasing -pipe'


Please tell me if I did something wrong or it's a BIND problem and if so, if 
there's a workaround.

Kind regards,
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to