Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • TPA team TPA team
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 173
    • Issues 173
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • TPA
  • TPA teamTPA team
  • Issues
  • #40159
Closed
Open
Created Feb 04, 2021 by anarcat@anarcatOwner

IPv4 reverse dns broken in gnt-chi

I sent this ticket to cymru:

Hi,

I can't exactly figure out why, but we can't do reverse DNS resolution for our machines in 38.229.82.0/24. Example:

$ host 38.229.82.20
Host 20.82.229.38.in-addr.arpa. not found: 3(NXDOMAIN)

If we ask our DNS servers, they answer correctly:

$ host 38.229.82.20 ns1.torproject.org
Using domain server:
Name: ns1.torproject.org
Address: 38.229.72.12#53
Aliases: 

20.82.229.38.in-addr.arpa domain name pointer tb-tester-01.torproject.org.

It seems the zone is not correctly delegated our way:

$ dig -x 38.229.82.20 +trace

; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> -x 38.229.82.20 +trace
;; global options: +cmd
.			12688	IN	NS	b.root-servers.net.
.			12688	IN	NS	j.root-servers.net.
.			12688	IN	NS	k.root-servers.net.
.			12688	IN	NS	a.root-servers.net.
.			12688	IN	NS	h.root-servers.net.
.			12688	IN	NS	d.root-servers.net.
.			12688	IN	NS	e.root-servers.net.
.			12688	IN	NS	c.root-servers.net.
.			12688	IN	NS	i.root-servers.net.
.			12688	IN	NS	g.root-servers.net.
.			12688	IN	NS	m.root-servers.net.
.			12688	IN	NS	f.root-servers.net.
.			12688	IN	NS	l.root-servers.net.
.			12688	IN	RRSIG	NS 8 0 518400 20210216170000 20210203160000 42351 . pmL1poYE09UpdGFi41iFsjgWsxt0k/M+Ks0muX/KyWywCrHqb++EqWal 6K6ss7AFaNQuVwJ6rs49CjTNZJX2uf3etuIgIGJoYeXxBT0h7LhaZ0Jb jSlKYQS6j5QgQ5SkIBCF57V8GoD5J1y3mK1UfT0YN6suDBYHqHsEAenl mXs+fRw6KvcsFZoJkfgG/OCpdeJjlpaWQ01vGvPcYRHllgNJVdyFpH82 UxMErX2XczDu7OrkD45zl3DnpI2lReu+AP5VrPeXYNhpdHnPiaCBLjjl 7qSGRPbvcfQylix/J0oJyygdPFvjlIakHohH60I6fqKGleuYxu6JW8qW RkrFPQ==
;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

in-addr.arpa.		172800	IN	NS	a.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	b.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	c.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	d.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	e.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	f.in-addr-servers.arpa.
in-addr.arpa.		86400	IN	DS	47054 8 2 5CAFCCEC201D1933B4C9F6A9C8F51E51F3B39979058AC21B8DF1B1F2 81CBC6F2
in-addr.arpa.		86400	IN	DS	53696 8 2 13E5501C56B20394DA921B51412D48B7089C5EB6957A7C58553C4D4D 424F04DF
in-addr.arpa.		86400	IN	DS	63982 8 2 AAF4FB5D213EF25AE44679032EBE3514C487D7ABD99D7F5FEC3383D0 30733C73
in-addr.arpa.		86400	IN	RRSIG	DS 8 2 86400 20210217120000 20210204110000 41685 arpa. MDiXByrhwnOXvKe/Ktrsonwjb/7lcdCNKGkWf852zDOCRgBFLNUEgLLk +GjSa8qADo0mXwYy30y8ZRgMp8QDGz+WrLvq9UVK+nDe2hcpOO8O/tSo h0J8CWSyXBLi60GkmtZJE4i6bBM+gIFHtKU5E+Tq/CdPvBiSw27EUfQP z3E7aoV3BTH8ZGh3W0nr48W2kvM7j0fVSu9oJHNMrcuKLpDlUxvhFz2o Dz7syc06xZfevniCOsQUDXAcomoDX9D8gZ+F0xtV9dZLV1b0M2vbhWH1 nRF28cPo30OIhC5Ac5afJz/NB8vOVhznacP61WEoWvAwpiiKeLMrdvuK zcGnnQ==
;; Received 866 bytes from 192.203.230.10#53(e.root-servers.net) in 18 ms

38.in-addr.arpa.	86400	IN	NS	auth5.dns.cogentco.com.
38.in-addr.arpa.	86400	IN	NS	auth1.dns.cogentco.com.
38.in-addr.arpa.	86400	IN	NS	auth2.dns.cogentco.com.
38.in-addr.arpa.	86400	IN	NS	auth4.dns.cogentco.com.
38.in-addr.arpa.	3600	IN	NSEC	39.in-addr.arpa. NS RRSIG NSEC
38.in-addr.arpa.	3600	IN	RRSIG	NSEC 8 3 3600 20210215095215 20210125160002 34704 in-addr.arpa. AsmO4cHB6C40pyNu1+WP5XVoJcHCo0HQZPImhmyHrbi/bgYZxpbUT2MF T8BapeNyrmxsFthKeQ+RJiJuxREHNaH3kE7o3zrBZh8R/ygkF46ESVkV aWEs/yrkhSIjw9fZ6B3GR/YuMIpISrlD8zCBSdyu6JCOlVZj5tphxLQG T8Y=
;; Received 402 bytes from 203.119.86.101#53(e.in-addr-servers.arpa) in 151 ms

229.38.in-addr.arpa.	43200	IN	NS	ns2.cymru.com.
229.38.in-addr.arpa.	43200	IN	NS	ns3.cymru.com.
229.38.in-addr.arpa.	43200	IN	NS	ns1.cymru.com.
;; Received 145 bytes from 80.91.64.50#53(auth5.dns.cogentco.com) in 115 ms

82.229.38.in-addr.arpa.	7200	IN	SOA	ns1.cymru.com. noc.cymru.com. 2020110201 21600 3600 604800 7200
;; Received 107 bytes from 38.229.0.47#53(ns2.cymru.com) in 102 ms

Maybe the delegation wasn't correctly setup?

Thanks for looking into this,

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking