PTR Record Setup

dswilson · June 27, 2023, 6:51pm

I am trying to use Cloudflare to host my PTR records for the IP space that I own.

I have configured the setting in my ARIN account to use Cloudflare as my name server.

And have created the appropriate records on my Cloudflare account.

But when I do a lookup on the IP address I don’t get any results.

I suspect I either miss understand the following tutorial or I am missing a setting in the configuration.

Any insights into the problem would be appreciated. I would provide additional screenshots but Cloudflare is currently blocking my account from adding more images.

Drew

dswilson · June 27, 2023, 6:52pm

Cloudflare configuration.

dswilson · June 27, 2023, 6:53pm

PTR Lookup.

Chaika · June 27, 2023, 7:05pm

Looks like you have two issues (assuming the second screenshot is from the zone 176.135.23.in-addr.arpa, added within Cloudflare)

1.The name of the PTR Record should be 4.176.135.23.in-addr.arpa, and the content should be the forward dns hostname (i.e pointing at a record on another zone/domain which has an A Record pointing at 23.135.176.4)
2. You have a broken DNSSEC setup: 4.176.135.23.in-addr.arpa | DNSViz, hence why you see servfail. You have DNSSEC Setup in ARIN (the keytag/algo/digest fields), but not in Cloudflare. You’ll want to disable/remove those fields in ARIN’s Database, or enable it within Cloudflare (DNS → Settings) and update ARIN with the values it gives you.

dswilson · June 27, 2023, 8:15pm

Updated Cloudflare DNS records.

I also deleted the DNSSEC from ARIM.

I am still getting an error when I do a records lookup. But I suspect I might just need to wait for the DNSSEC settings to change.

Drew

Chaika · June 27, 2023, 8:21pm

You’re creating the PTR Records in the wrong zone/domain within Cloudflare. Those PTR Records need to be added to the 176.135.23.in-addr.arpa zone/domain, not spyrnetwork.com The A records should stay. All you’ve created at the moment is a ptr at 4.176.135.23.in-addr.arpa.spyrnetwork.com

You’ll know when you put them in the right domain/zone when the name just shows as something like 4. 5. and not the full hostname

dswilson · June 27, 2023, 8:44pm

I created a whole new site 176.135.23.in-addr.arpa in Cloudflare, then deleted the PTR records from the spyrnetwork(dot)com domain name, then readded them to the new site.

I am now getting a response when I do a PTR lookup.

Drew

Chaika · June 27, 2023, 8:52pm

Looks good to me. Looks the new zone used your account cloudflare nameservers (the same you already had configured), in some cases/due to conflicts, it doesn’t, not guaranteed afaik.
DNSSEC is still failing, but I don’t see the DNSSEC fields in ARIN’s DB anymore, so should hopefully just be a matter of time until that updates. I only have used RIPE’s before personally, a google search shows that it seems ARIN says it can take around 24 hours to update.

system · June 30, 2023, 8:52pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.