#1

    Problem reverse DNS PTR refused


    Hi,
    I just configured a public DNS on Debian.
    Everything is OK, but there is a problem with reverse DNS resolution.

    In my named.conf, my networks are able to use the DNS:

    allow-query { 127.0.0.1/32; 93.xxx.xxx./21; };

    But reverse resolution from outside does not work (it works from inside):
    Host 3.148.x.93.in-addr.arpa not found: 2(SERVFAIL)

    tcpdump :

    14:30:09.868526 IP 88-190-x3.rev.dedibox.fr.58970 > ns0.x.org.domain: 34337 [1au] PTR? 3.x.x.93.in-addr.arpa. (54)
    14:30:09.869506 IP ns0.x.org.domain > x-x-22-53.rev.x.fr.58970: 34337 Refused- 0/0/1 (54)


    Should I put allow-query {any} to resolve my problem, or is there another parameter to only accept reverse resolution?

    (Of course, I am not happy with allow-query any...)
  2. #2
    There's not much reason to restrict queries so are you sure that's the setting you want? If you host any zones you want to always allow all queries (unless you need to specifically blacklist some). You want to lock down recursion normally.


    recursion no;
    recursion yes;
    allow-recursion { acl };
    allow-recursion-on { addresses };
    allow-recursion { 10.0/16; };
    allow-recursion-on { 10.0.0.1; };
    etc...
  4. #3
    Thank you for answering.
    The good parameter was allow-recursion, and I tried to block queries with allow-query.

    Thanks !
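
The fix the thread arrives at, written out as a named.conf fragment (an added example, not a configuration posted by either participant): queries stay open for the zones the server hosts, and recursion is limited to known clients. The 192.0.2.0/24 range, the `trusted` ACL name, the zone name and the zone file path are placeholder assumptions standing in for the redacted values.

```conf
// Constructed example. 192.0.2.0/24 is a documentation range used as a
// placeholder for the poster's redacted network.
acl trusted {
    127.0.0.1/32;
    192.0.2.0/24;          // placeholder: your own client networks
};

options {
    // Before (as in the first post): allow-query restricted to the local
    // networks, so outside resolvers get REFUSED even for the reverse
    // zone this server is authoritative for.
    // allow-query { 127.0.0.1/32; 192.0.2.0/24; };

    // After: anyone may query the zones hosted here ...
    allow-query { any; };

    // ... but only trusted clients may have the server look up names
    // it is not authoritative for.
    recursion yes;
    allow-recursion { trusted; };
};

// Reverse zone the server is authoritative for (placeholder name and path).
zone "2.0.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192.0.2";

    // Narrower alternative to the global setting above: keep allow-query
    // restricted in options and open only this zone to outside queries.
    // allow-query { any; };
};
```

`named-checkconf` validates the syntax before a reload. Afterwards, a `dig -x` from an outside host for an address in the hosted reverse zone should return the PTR record, while the same host should still be unable to resolve unrelated names through this server.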
