Ok, so it's old but it works... until today...
Whenever a PTR is queried, the first query comes back with the correct info, and any subsequent ones come back with that same info for different addresses. Example:
ping -a 8.8.8.8 will result in google-public-dns-a.google.com
Then ping -a x.x.x.x will also result in google-public-dns-a.google.com!
This appears to persist until a reboot, when the same behaviour can be observed again.
The full response string from an nslookup of type=ptr is:
255.255.255.255.in-addr.arpa name = google-public-dns-a.google.com
Every response appears to come back as a query of 255.255.255.255. A Wireshark trace reveals that the router believes the machine has queried 255.255.255.255, and returns a constant result.
Upstream DNS servers are responding correctly.
Does anyone have a 2600Plus in operation that can confirm this behaviour?
Debug from nslookup is below, where you can see that the question 8.8.8.8.in-addr.arpa mysteriously changes to 255.255.255.255.in-addr.arpa - securehotmail.net was the first PTR query after a reboot of the router:
> set debug
> set d2
> set type=ptr
> 8.8.8.8
Server: [172.29.0.1]
Address: 172.29.0.1
SendRequest(), len 38
HEADER:
opcode = QUERY, id = 19, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
8.8.8.8.in-addr.arpa, type = PTR, class = IN
Got answer (80 bytes):
HEADER:
opcode = QUERY, id = 19, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
255.255.255.255.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 255.255.255.255.in-addr.arpa
type = PTR, class = IN, dlen = 19
name = securehotmail.net
ttl = 60 (1 min)
255.255.255.255.in-addr.arpa
type = PTR, class = IN, dlen = 19
name = securehotmail.net
ttl = 60 (1 min)
>
