On 12/26/19 7:48 PM, Edouard Guigné wrote:
I have set a bind server for my domain "pasteur-cayenne.fr" which is primary authoritative zone server for this domain.
"pasteur-cayenne.fr" and "… this domain." are imperative.
Secondary servers for this domain are set to orange (ns6.oleane.net and ns7.oleane.net)
"… this domain …" (pasteur-cayenne.fr)
It is working well except for reverse dns lookup:
- reverse ip dns lookup is working for my bind server
- reverse ip dns lookup is not working with orange dns server
You have unknowingly answered your problem. You have set up a primary & secondary configuration for the "pasteur-cayenne.fr" domain. That is only for /forward/ DNS. It does nothing for /reverse/ DNS in the "246.2.186.in-addr.arpa" domain.
This is weird, all the zone "pasteur-cayenne.fr" is well replicated on orange server, except for reverse dns lookup...
Forward DNS and reverse DNS are in completely different zones.
here is a dump of my zone file :
That is your /forward/ DNS zone file. It has nothing to do with reverse DNS. Your server is resolving the reverse DNS out of the "17.246.2.186.in-addr.arpa" zone.
Only reverse DNS for smtp.pasteur-cayenne.fr is configured on this public ip; Should my DNS server (ara.pasteur-cayenne.fr) also have a reverse DNS?
What names you assign where and how is up to you. But there are some best practices that I'd suggest you follow.
I believe that (most of the time) servers have exactly one name, their canonical name. You can have other aliases (published as a CNAME record) point to the canonical name.
I would discourage having an IP address (reverse) resolve to multiple host names. My experience has shown that this /usually/ leads to problems. Particularly with sending email.
I would like only reverse dns to work with smtp.pasteur-cayenne.fr because this is needed for mail (rdns check from other MTAs).
I suspect that you mean that you want your MTA's IP address to only (reverse) resolve to one name. I assume you want other IPs to (reverse) resolve to different names.
You need to work with your IP provider to configure reverse DNS for your IP(s). That may mean that they publish PTR records on your behalf. Or it may mean that they delegate the records to you in one way or another. (I would ask them to "delegate" 17.246.2.186.in-addr.arpa (et al.) if I were in your situation.)
-- Grant. . . . unix || die
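Added example, not part of the original message: a small forward-confirmed reverse DNS check of the kind a receiving MTA runs, showing why a server that holds only the forward zone cannot answer the PTR query. The address 186.2.246.17 is derived from the "17.246.2.186.in-addr.arpa" name in the thread; the record sets and the A record for smtp are constructed sample data, and `reverse_name` and `fcrdns` are hypothetical helper names.

```python
import ipaddress

# Constructed sample data (not real zone contents), keyed by (owner name, type).
# A server that only carries the forward zone "pasteur-cayenne.fr":
FORWARD_ONLY = {
    ("smtp.pasteur-cayenne.fr.", "A"): ["186.2.246.17"],
}
# The same data plus the separate reverse zone holding the PTR record:
WITH_REVERSE = {
    **FORWARD_ONLY,
    ("17.246.2.186.in-addr.arpa.", "PTR"): ["smtp.pasteur-cayenne.fr."],
}
# One IP resolving to several names, the setup the reply discourages:
MULTI_PTR = {
    **FORWARD_ONLY,
    ("17.246.2.186.in-addr.arpa.", "PTR"): [
        "smtp.pasteur-cayenne.fr.", "ara.pasteur-cayenne.fr."],
}


def reverse_name(ip):
    """Owner name under in-addr.arpa / ip6.arpa where the PTR for ip lives."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def fcrdns(ip, records):
    """PTR(ip) -> names, then each name's A/AAAA must contain ip again.

    Returns (status, confirmed_names); status is "no-ptr", "pass" or "partial".
    """
    addr = ipaddress.ip_address(ip)
    rtype = "A" if addr.version == 4 else "AAAA"
    ptr_names = records.get((reverse_name(ip), "PTR"), [])
    if not ptr_names:
        return ("no-ptr", [])  # forward zone data never answers this query
    confirmed = [
        name for name in ptr_names
        if any(ipaddress.ip_address(a) == addr
               for a in records.get((name, rtype), []))
    ]
    status = "pass" if len(confirmed) == len(ptr_names) else "partial"
    return (status, confirmed)


if __name__ == "__main__":
    for label, data in [("forward only", FORWARD_ONLY),
                        ("with reverse zone", WITH_REVERSE),
                        ("multiple PTRs", MULTI_PTR)]:
        print(label, reverse_name("186.2.246.17"), fcrdns("186.2.246.17", data))
```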
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users