On 10 Jan 2007, at 11:50:23, Mark Andrews wrote:

>> On 10 Jan 2007, at 06:53:26, Stephane Bortzmeyer wrote:
>>> On Wed, Jan 10, 2007 at 06:46:09AM -0800,
>>> Merton Campbell Crockett wrote
>>> a message of 43 lines which said:
>>>> I forgot to note that I used a $ORIGIN statements in the 10.10.IN-
>>>> ADDR.ARPA zone file instead of the following notation.
>>> That's the first time that I see someone asking for help by posting
>>> what he did NOT do.

>> What can I say? After sending my original message it struck me that
>> it might be important to note that I used the following notation.
>> $ORIGIN 160.10.10.IN-ADDR.ARPA.

> Which is NOT a delegation of 160.10.10.IN-ADDR.ARPA.
> $ORIGIN does NOT change the current owner. You actually
> delegated whatever the current owner name is.
> My first thought would be. Kill the forward zones as
> you are authoritative for 10.10.IN-ADDR.ARPA.
> Make sure you have a empty forwarders declaration for
> 10.10.IN-ADDR.ARPA.

After 20 years of maintaining a stable DNS framework through multiple
mergers, I am passing the baton for the DNS to the IT organization.
Their replacement DNS framework makes extensive use of forwarders and
is extremely restrictive with regard to zone transfers. For some
strange reason they think this will increase security.

Until the transition is complete, my name server remains the "name
server of last resort" while not being permitted to transfer any
delegated zone information. As a result, I get the task of making
things work until IT assumes full responsibility.

IT retired the primary name server for the original CIDR block. I
was creating a replacement zone to prevent queries from being sent to
the root name servers. I had forgotten that the $ORIGIN statement
only appends the current origin when a simple host name is defined or
when the symbol "@" is used.


Merton Campbell Crockett