I need some DNS Expertise

This is killing me.

DNS is working and all setup (I think correctly). I've never had any problems like this in the past.

Internally my server performs name and reverse look ups, no problem. However, everything on the outside world can't do reverse lookup's.

I've tried everything that I know, except completely blowing away the system and starting from scratch.

I'm using Win2k, but not Active Directory (slows things down too much and I don't need it).

The domain is little-egg.com, SOA 12.161.24.50.

I'm hoping that someone out there has come across this.

You need to tell your ISP to delegate IP resolution for your IP to your name server.

Just to clarify.
I have a Class C license, and I'm not using my ISP for any DNS services.
It should be fully resolving to my servers, but they may be handling some name resolution?

I apologize for the ignorance, but am I wrong in thinking that if this is the case my ISP is overstepping?

Because this has really screwed me for a while. Also, would this be sporadic? Because every so often, it does resolve, but majority of the time it doesn't.

I really appreciate your help Rage.

I need more info. What IP addresses and nameservers SHOULD be resolving your IP. And what is the class C block that is yours. 12.161.24?

The IP address's that should be resolving are 12.161.24.10 and 12.161.24.50.

My Class C block is 12.161.24.1 - .254

I ran through your WebCrawler software, and using my servers, they supply a reverse DNS. Using any other server (resolver) doesn't do anything.

Since you've got a large network, I'm going to suggest something I don't usually suggest. You may want to deny zone transfers from just anybody. As you can see below, a person can easily map out your network instantly.

http://www.dollardns.net/cgi-bin/dn...=AXFR&submit=DS

With that info, they'd try zone transfers on all the domains they see there and see what new information they can gather. Then they can at leisure try your services to see what may be exploitable with an understanding as to what is what and what is where. Back when I was still newly learning about DNS transfers, I went "zone crawling" and found loads of domains that allowed transfers (when some people thought this was a rare thing) and all kinds of interesting information. That's what inspired the DNS Crawler in the first place. I wanted to make it easier/faster to "crawl". At the time my motivation was finding new types of records I don't yet support, other people may have more sinister reasons.

Well currently, your name servers don't have the right to resolve that IP block. As shown below:

http://www.dollardns.net/cgi-bin/dn...&lr=4&submit=DS

ns5.readyhosting.com (63.99.209.103)
ns6.readyhosting.com (63.99.209.104)

The above name servers currently have those rights. Course, as is commonly the case with reverse configurations, they're badly configured and caused my DNS Crawler to go into a kind of loop cause those name servers don't say they're authoritative for that IP block.

(P.S. You called my DNS crawler a "webcrawler". Webcrawlers are used by search engines and are also called "spiders".)

My aplogize, I know it's not a webcrawler, that's the only word that came to my head when I was typing out the last message.

Readyhosting was my old Hosting company until I decided to start this on my own. I noticed the same thing yesterday and request that they shut down my services and clear there DNS.

Does this mean that I should contact my ISP (ATT) and see if they can manually change this? How do I get the authority back so that my servers resolve those IP's.

I was under the assumption that when I changed my Registrar info (ie: ns, etc) once propogated, it would be taken care of. I guess not.

And sorry for the mis-spellings. Typing to fast.

The all important questions: "how do you register reverse IP resolution?" "What process do I take to find the owner of the resolution of an IP and get delegation to my name server?"

As of writing this post, I do not know the answer to your question. Only yesterday for the very first time have I even scratched the surface. I found the address of a whois server that is authoritative for the "arpa" domain which controls such things. They even have a website where I think (but not certain) registration of reverse IP domains take place. Here's that address:

http://www.iana.org/arpa-dom/

You might want to visit the site home as well:

http://www.iana.org

Lots of interesting information there. Unfortunately I've only glanced at it. Definately sometime when I have a bit of time I'll be reading what that site has to say. But anyway, I think all this entirely informational. Read below for some serious help.

---

Now, everything I said up to now has to do with the registry and whois where of course I've got things I still need to learn. However, I know DNS better than anybody I've ever met, and this is what it has to say to me:

http://www.dollardns.net/cgi-bin/dn...e=PTR&submit=DS

The root DNS servers says that the servers to talk to about resolution for the entire 12.0.0.0 IP block is shown below:

12.IN-ADDR.ARPA
===CBRU.BR.NS.ELS-GMS.ATT.NET
===CMTU.MT.NS.ELS-GMS.ATT.NET
===DBRU.BR.NS.ELS-GMS.ATT.NET
===DMTU.MT.NS.ELS-GMS.ATT.NET

By clicking on a purple link you are IMMEDIATELY told to query readyhosting. This tells me that "ATT.NET" is in control over the IP block. So yes, contact them about delegating to your name servers instead.

Well I greatly appreciate your help on this Rage. I feel much better knowing that I wasn't loosing my mind.

I've been doing DNS work for sometime. By no means am I as knowledgable as you are when it comes to DNS, but never came across this.

The ISP is making the changes, and investigating why this wasn't taken care of during the provisioning of the service.

Guess that's one more thing for me to add to my check list.

Hope you don't mind, but if anyone comes to me with DNS issues, I'll be sending them to DollarDNS. Get you some more business hopefully.

Thanks a ton.