Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Interpreting a DNS report

0 views
Skip to first unread message

Tom Gill

unread,
Jul 6, 2004, 10:41:28 AM7/6/04
to
I am with a small ISP in Orlando, Florida. Some of our users are
having problems sending email to others and are receiving returned
messages that say our email server has no reverse lookup.

When I go to www.dnsstuff.com and use the reverse lookup utility on
our mail server's IP (216.54.161.51), it comes back just fine
(sun-msg-1.orlandotelco.net).

However, when I go to www.dnsreport.com and do a reverse on the
161.54.216.in-addr.arpa zone, I fail some of the tests:

It says we have lame nameservers, and missing (stealth) nameservers.
Can anyone help interpret these in English? The results of the
dnsreport can be found here:

http://www.dnsreport.com/tools/dnsreport.ch?domain=161.54.216.in-addr.arpa

Thanks for your time,
Tom

Sten Carlsen

unread,
Jul 6, 2004, 5:50:44 PM7/6/04
to
Tom Gill wrote:

I tried both forward and reverse lookup from here, forward is fine.
Reverse don't return any answer for me, so your client could be right.

--
Best regards

Sten Carlsen

No improvements come from shouting:

"MALE BOVINE MANURE!!!"


Sten Carlsen

unread,
Jul 6, 2004, 6:37:49 PM7/6/04
to
Tom Gill wrote:
>Sten,
>
>I appreciate the response. I agree with my client. I can find many
>nameservers that are not able to perform the reverse lookup. Especially
>after looking at the dns report, I definitely see that there is a problem.
>The real problem though is that I am having a hard time understanding where
>to look or what to do. The dns report says I am missing nameservers as well
>as have lame nameservers. Do we need to speak with our upstream provider
>(Time Warner Telecom)?
>
>
There seems to be two issues here:
- forward lookup: lame nameservers, my server lists
"netra-ns1.orlandotelco.net" as authoratative, not the official servers.
this should be cleared with your DNS service provider/the records at the
upstream provider should be corrected to indicate the nameserver that
will actually be authorative for your domain.

- reverse lookup: there seems to be problems with reverse delegation
further up in the hierachy, there are a lot of explanations in the
archives from the bind-users mail-list. Archives are at isc.org
(somewhere, I don't remember where).


Basically this looks like a mess to me, you need, I guess, a good spring
cleaning.

>Thanks again,
>Tom

Ladislav Vobr

unread,
Jul 10, 2004, 1:44:43 AM7/10/04
to
When I look at the your reverse class report, it says one fail - Missing
nameservers, which basically means there is a mismatch between the
parent and the child in who should be nameservers authoritative for this
reverse zone. Parent says ns1 and ns2, and inside the authoritative zone
on the child you mentioned just ns1.

This kind of information should be same on parent as well as child, you
might face interminent problems with it.

BTW: you should really have more than single server, this is a must. You
can somehow register with single one "pretending two", as you did, but
at the end this will really turn against you... (and your users)

Ladislav

0 new messages