Discussion:
.in-addr.arpa. input/output error HELP
Friedrich Sinofzik
2002-07-02 17:43:24 UTC
Permalink
HI EVERYONE.



My question:



Iam a small ISP, I have 5 machines in my internal network .

I setup 2 servers to work like a CACHE for my internal network .

The first server 200.xxx.xxx.195 and the second server 200.xxx.xxx.197
..

Each one have a internal chache and external cache configured and the
resolve.conf pointed first to 200.xxx.xxx.195, 200.xxx.xxx.197 and to
127.0.0.1 ( if the both external cache go down )..



The dnscachex ( the external dnscache). In both machine have under
/tinydns/root/ip all my internal machines ips to permit this machines
use this chache servers .



All is working fine.but a strange thing happens to resolv the PTR of
specifics ips ( no my ips, but the net ips)..

Almost all ips resove without problem.. maybe 90% but a lot of ips iam
receiving that cant resolv the reverse ip..



Why this happens?? In bind this ips resolve fine....

A Exemple IP, this ip is my ip from my Satelite Link. Is out from this
machines ip pools, I cant enter in this machines because the ssh try
resolve the ip, and cant do it..



200.221.182.163



this is just 1 exemple, this ips resolve in bind and Almost ns servers
in net.. but in my chache not..





***@fred:/# dnsname 200.221.182.163

dnsname: fatal: unable to find host name for 200.221.182.163: timed out



***@fred:~# tail -f /service/dnscache/log/main/current

@400000003d2182e920ceac8c servfail 163.182.221.200.in-addr.arpa.
input/output error

@400000003d2182e920cefe94 sent 3401 46

@400000003d2182f321fe916c servfail 163.182.221.200.in-addr.arpa.
input/output error

@400000003d2182f321fed3d4 sent 3402 46

@400000003d2183ca2631754c query 3457 7f000001:1012:a0d6 12
83.128.221.200.in-addr.arpa.

@400000003d2183ca2631bf84 tx 0 12 83.128.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3

@400000003d2182ff3774e44c servfail 163.182.221.200.in-addr.arpa.
input/output error

@400000003d2182ff37752e84 sent 3403 46

@400000003d21839c1f0b420c query 3450 7f000001:9b08:5681 12
163.182.221.200.in-addr.arpa.

@400000003d2183aa229e0d8c query 3453 7f000001:8d3f:0715 12
163.182.221.200.in-addr.arpa.

@400000003d2183aa229e5bac tx 0 12 163.182.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3

@400000003d21839c1f0b902c tx 0 12 163.182.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3

@400000003d2183d42763d2fc query 3459 7f000001:1012:a0d6 12
83.128.221.200.in-addr.arpa.

@400000003d2183d427642504 tx 0 12 83.128.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3

@400000003d2183d8262d1434 servfail 163.182.221.200.in-addr.arpa.
input/output error

@400000003d2183d8262d5e6c sent 3450 46

@400000003d2183e2263322fc query 3460 7f000001:0b28:8820 12
163.182.221.200.in-addr.arpa.

@400000003d2183e22633711c tx 0 12 163.182.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3

@400000003d2183e629c27bac servfail 163.182.221.200.in-addr.arpa.
input/output error

@400000003d2183e629c2c5e4 sent 3453 46





trying resove in ns1.dns.br this ip reverse, work fine.. but in my own
cache not I receive a time out message

***@fred:/# dnsq ptr 163.182.221.200.in-addr.arpa ns1.dns.br

12 163.182.221.200.in-addr.arpa:

129 bytes, 1+0+2+2 records, response, noerror

query: 12 163.182.221.200.in-addr.arpa

authority: 182.221.200.in-addr.arpa 86400 NS eliot.uol.com.br

authority: 182.221.200.in-addr.arpa 86400 NS borges.uol.com.br

additional: eliot.uol.com.br 86400 A 200.221.11.98

additional: borges.uol.com.br 86400 A 200.221.11.105







now, in the same machine I disable the dnscache and dnscachex ( internal
and external cache ) and put up the BIND.



***@fred:/# nslookup

Default Server: localhost

Address: 127.0.0.1
200.221.182.163
Server: localhost

Address: 127.0.0.1



Name: 200-221-182-163.uolsat.uol.com.br

Address: 200.221.182.163
set q=ptr
200.221.182.163
Server: localhost

Address: 127.0.0.1



Non-authoritative answer:

163.182.221.200.in-addr.arpa name = 200-221-182-163.uolsat.uol.com.br



Authoritative answers can be found from:

182.221.200.in-addr.arpa nameserver = ELIOT.uol.com.br

182.221.200.in-addr.arpa nameserver = BORGES.uol.com.br

ELIOT.uol.com.br internet address = 200.221.11.98

BORGES.uol.com.br internet address = 200.221.11.105





All resolv fine........

Why DJBDNS not do this and bind do?? What is wrong ?? in @ file under
/server I changed to be like in root.hints in bind but still not
working..





Help plese.. thanks a lot..
s***@tiscali.it
2002-07-03 07:50:33 UTC
Permalink
Can seem surprising but I resolved this trouble with an advertise
in the data file.
You must set at the top of the data file this line before of everything:
".::127.0.0.1" if your Tinydns listen on this address otherwise
try to put your tiny address!
With me this solution has work fine.
I hope this can help.
Bye

Saffioti Goffredo.
-- Messaggio Originale --
Subject: .in-addr.arpa. input/output error HELP
Date: Tue, 2 Jul 2002 14:43:24 -0300
HI EVERYONE.
Iam a small ISP, I have 5 machines in my internal network .
I setup 2 servers to work like a CACHE for my internal network .
The first server 200.xxx.xxx.195 and the second server 200.xxx.xxx.197
..
Each one have a internal chache and external cache configured and the
resolve.conf pointed first to 200.xxx.xxx.195, 200.xxx.xxx.197 and to
127.0.0.1 ( if the both external cache go down )..
The dnscachex ( the external dnscache). In both machine have under
/tinydns/root/ip all my internal machines ips to permit this machines
use this chache servers .
All is working fine.but a strange thing happens to resolv the PTR of
specifics ips ( no my ips, but the net ips)..
Almost all ips resove without problem.. maybe 90% but a lot of ips iam
receiving that cant resolv the reverse ip..
Why this happens?? In bind this ips resolve fine....
A Exemple IP, this ip is my ip from my Satelite Link. Is out from this
machines ip pools, I cant enter in this machines because the ssh try
resolve the ip, and cant do it..
200.221.182.163
this is just 1 exemple, this ips resolve in bind and Almost ns servers
in net.. but in my chache not..
dnsname: fatal: unable to find host name for 200.221.182.163: timed out
@400000003d2182e920ceac8c servfail 163.182.221.200.in-addr.arpa.
input/output error
@400000003d2182e920cefe94 sent 3401 46
@400000003d2182f321fe916c servfail 163.182.221.200.in-addr.arpa.
input/output error
@400000003d2182f321fed3d4 sent 3402 46
@400000003d2183ca2631754c query 3457 7f000001:1012:a0d6 12
83.128.221.200.in-addr.arpa.
@400000003d2183ca2631bf84 tx 0 12 83.128.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3
@400000003d2182ff3774e44c servfail 163.182.221.200.in-addr.arpa.
input/output error
@400000003d2182ff37752e84 sent 3403 46
@400000003d21839c1f0b420c query 3450 7f000001:9b08:5681 12
163.182.221.200.in-addr.arpa.
@400000003d2183aa229e0d8c query 3453 7f000001:8d3f:0715 12
163.182.221.200.in-addr.arpa.
@400000003d2183aa229e5bac tx 0 12 163.182.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3
@400000003d21839c1f0b902c tx 0 12 163.182.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3
@400000003d2183d42763d2fc query 3459 7f000001:1012:a0d6 12
83.128.221.200.in-addr.arpa.
@400000003d2183d427642504 tx 0 12 83.128.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3
@400000003d2183d8262d1434 servfail 163.182.221.200.in-addr.arpa.
input/output error
@400000003d2183d8262d5e6c sent 3450 46
@400000003d2183e2263322fc query 3460 7f000001:0b28:8820 12
163.182.221.200.in-addr.arpa.
@400000003d2183e22633711c tx 0 12 163.182.221.200.in-addr.arpa.
200.in-addr.arpa. c8d8edc3
@400000003d2183e629c27bac servfail 163.182.221.200.in-addr.arpa.
input/output error
@400000003d2183e629c2c5e4 sent 3453 46
trying resove in ns1.dns.br this ip reverse, work fine.. but in my own
cache not I receive a time out message
129 bytes, 1+0+2+2 records, response, noerror
query: 12 163.182.221.200.in-addr.arpa
authority: 182.221.200.in-addr.arpa 86400 NS eliot.uol.com.br
authority: 182.221.200.in-addr.arpa 86400 NS borges.uol.com.br
additional: eliot.uol.com.br 86400 A 200.221.11.98
additional: borges.uol.com.br 86400 A 200.221.11.105
now, in the same machine I disable the dnscache and dnscachex ( internal
and external cache ) and put up the BIND.
Default Server: localhost
Address: 127.0.0.1
Post by Friedrich Sinofzik
200.221.182.163
Server: localhost
Address: 127.0.0.1
Name: 200-221-182-163.uolsat.uol.com.br
Address: 200.221.182.163
Post by Friedrich Sinofzik
set q=ptr
200.221.182.163
Server: localhost
Address: 127.0.0.1
163.182.221.200.in-addr.arpa name = 200-221-182-163.uolsat.uol.com.br
182.221.200.in-addr.arpa nameserver = ELIOT.uol.com.br
182.221.200.in-addr.arpa nameserver = BORGES.uol.com.br
ELIOT.uol.com.br internet address = 200.221.11.98
BORGES.uol.com.br internet address = 200.221.11.105
All resolv fine........
/server I changed to be like in root.hints in bind but still not
working..
Help plese.. thanks a lot..
__________________________________________________________________
TuttoTISCALI e' il tuo nuovo contratto di telefonia!
Chiami in tutta Italia, giorno e notte, al prezzo di un'urbana
Ti colleghi ad Internet e spendi meno di un'urbana
http://point.tiscali.it/tuttotiscali/webmail.html
Jonathan de Boyne Pollard
2002-07-04 22:35:59 UTC
Permalink
FS> Each one have a internal chache and external cache [...]

There's rarely a need for both on one machine. In your case, you don't need
the caching proxy servers listening on 127.0.0.1 . Remove those services and
remove 127.0.0.1 from the listings in "/etc/resolve.conf".

FS> In both machine have under /tinydns/root/ip all my internal
FS> machines ips to permit this machines use this chache servers .

Unless you have made the bizarre choice of creating a service directory for
"dnscache" named "/tinydns", this is wrong. The ACLs should be in "root/ip"
under your "dnscache" service directory, not under your "tinydns" service
directory.

FS> @400000003d2183ca2631bf84 tx 0 12 83.128.221.200.in-addr.arpa.
FS> 200.in-addr.arpa. c8d8edc3

This is a configuration error on your part. There are 10 "200.in-addr.arpa."
content DNS server IP addresses published in the public DNS database.
200.216.237.195 is not one of them. Yet your "dnscache" clearly thinks that
it is, and moreover thinks that that is the _only_ "200.in-addr.arpa." content
DNS server. This is almost certainly because you have told it so, explicitly
overriding the content of the public DNS database with a file in
"root/servers". Remove the override, restart "dnscache", and watch it proceed
to obtain the correct answers.

Loading...