Issue with my DNS and PTR record setup


I have been trying to setup my DNS server, and I have got powerdns configured to do basic stuff.

My issue is that RPT records doesn't resolve correctly when I run dig command against public DNS server like, and it only resolve when I run it against my own Public DNS Server.

Below output displays DNS query results against my DNS server.

$ dig @My-public-DNS-server -x


; <<>> DiG 9.7.6-P1 <<>> -x
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56897
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;       IN  PTR

;; ANSWER SECTION:    18262   IN  PTR **mydomain**.

however if I run dig against public DNS server it doesn't return anything.

$ dig @ -x

Why is that? can someone help?


Posted 2013-04-12T04:49:07.270

Reputation: 375

What are you using to publish your public DNS records? Sometimes it takes awhile to pick up public DNS, depending on a few factors. – jmreicha – 2013-04-12T15:04:35.423



Do you have a delegation for the reverse zone or is it delegated to your service provider? delegations generally derive from an assignment from a Regional Internet Registry (or RIR) for example ARIN if you're in the USA or Canada)

They assign a block of network addresses and along with it the delegation for management of the reverse lookup domains corresponding to that address block.

If you don't have an address block assignment from ARIN (or whoever the RIR is for your geographic region) you probably don't control your reverse lookup domains, so when a client tries to do a lookup by traversing from the DNS root there is no delegation for them to follow to find your server to get the answer you are trying to give.

To find out who does have delegation for the subdomain of that you are concerned with you can manually follow the chain of DS records from the root or you can use dig +trace

Michael McNally

Posted 2013-04-12T04:49:07.270

Reputation: 303

I checked with my ISP, and they told me that because my allocation is less than /24 they would have to manage it for me. – user1007727 – 2013-05-02T20:36:44.820

That's not unusual. Delegating smaller than a class C is possible but it's a pain because the delegations are best set up on byte boundaries. You should probably just ask them to insert the records for you, but if you have a need to change them frequently you can ask them about accepting Dynamic DNS updates from you, secured by a pre-shared TSIG key. – Michael McNally – 2013-05-02T22:27:58.293