Question : Having trouble with Reverse DNS

I am trying to do reverse DNS for a block of IP's I have from XO.  I have contacted XO and they are certain that my name servers are responsible for reverse DNS.  I currently have one server running on that line with an address of 67.90.21.130.  I can do a reverse lookup locally  or do an nslookup remotely against that server (nslookup 67.90.21.130 67.90.21.130) and I get a response.  If I do any lookups outside, such as nslookup 67.90.21.130 4.2.2.2, I get an error:  server can't find 130.21.90.67.in-addr.arpa: NXDOMAIN.

In named.conf.local I load the reverse zone        
zone "21.90.67.in-addr.arpa"            { type master;  file "21.90.67.in-addr.arpa"; };

The file 21.90.67.in-addr.arpa contains
$TTL 1D
@                       IN  SOA ns2.medtechsys.com.  postmaster.mtsp.ad. (
                                2009090803           ; serial number
                                900          ; refresh
                                600          ; retry
                                86400        ; expire
                                3600       ) ; default TTL

                        NS       ns2.medtechsys.com.
                        NS       ns.medtechsys.com.



129                     PTR     ocean.medtechsys.com.
130                     PTR     ns2.medtechsys.com.

I have checked the firewall logs and see no dropped dns traffic to or from that dns server.

Any help is apprectiated.
Thanks

Answer : Having trouble with Reverse DNS

Okay. It looks like they have not delegated the reverse DNS for your range exactly, since you do not have authority over the entire /24 ip range. They seem to have added cname records for the reverse addresses that point to your net.

128.128/26.21.90.67.in-addr.arpa.
to...
191.128/26.21.90.67.in-addr.arpa.

I would have gone with 128.26/128.21.90.67.in-addr.arpa. but that is me.

They then have a forward dns delagation for the domain 128/26.21.90.67.in-addr.arpa. which points at your dns servers.

 So I think you need to add PTRs that match these  CNAMEs.

This is the result for a reverse lookup....

; <<>> DiG 9.4.2-P2 <<>> -x 67.90.21.130 +trace
;; global options:  printcmd
.                       515179  IN      NS      J.ROOT-SERVERS.NET.
.                       515179  IN      NS      K.ROOT-SERVERS.NET.
.                       515179  IN      NS      A.ROOT-SERVERS.NET.
.                       515179  IN      NS      G.ROOT-SERVERS.NET.
.                       515179  IN      NS      D.ROOT-SERVERS.NET.
.                       515179  IN      NS      H.ROOT-SERVERS.NET.
.                       515179  IN      NS      B.ROOT-SERVERS.NET.
.                       515179  IN      NS      E.ROOT-SERVERS.NET.
.                       515179  IN      NS      F.ROOT-SERVERS.NET.
.                       515179  IN      NS      M.ROOT-SERVERS.NET.
.                       515179  IN      NS      I.ROOT-SERVERS.NET.
.                       515179  IN      NS      L.ROOT-SERVERS.NET.
.                       515179  IN      NS      C.ROOT-SERVERS.NET.
;; Received 292 bytes from 71.242.0.14#53(71.242.0.14) in 11 ms

67.in-addr.arpa.        86400   IN      NS      x.arin.net.
67.in-addr.arpa.        86400   IN      NS      y.arin.net.
67.in-addr.arpa.        86400   IN      NS      z.arin.net.
67.in-addr.arpa.        86400   IN      NS      dill.arin.net.
67.in-addr.arpa.        86400   IN      NS      basil.arin.net.
67.in-addr.arpa.        86400   IN      NS      henna.arin.net.
67.in-addr.arpa.        86400   IN      NS      indigo.arin.net.
;; Received 194 bytes from 199.7.83.42#53(L.ROOT-SERVERS.NET) in 80 ms

90.67.in-addr.arpa.     86400   IN      NS      NS2.XO.COM.
90.67.in-addr.arpa.     86400   IN      NS      NS1.XO.COM.
90.67.in-addr.arpa.     86400   IN      NS      NS3.XO.COM.
;; Received 103 bytes from 192.35.51.32#53(dill.arin.net) in 82 ms

130.21.90.67.in-addr.arpa. 10800 IN     CNAME   130.128/26.21.90.67.in-addr.arpa.
128/26.21.90.67.in-addr.arpa. 10800 IN  NS      ns.medtechsys.com.
128/26.21.90.67.in-addr.arpa. 10800 IN  NS      ns2.medtechsys.com.
;; Received 117 bytes from 207.88.20.31#53(NS3.XO.COM) in 40 ms


but doing a lookup on 130.128/26.21.90.67.in-addr.arpa does not work... It ends like this.

21.90.67.in-addr.arpa.  3600    IN      SOA     ns2.medtechsys.com. postmaster.mtsp.ad. 2009090803 900 600 86400 3600
;; Received 122 bytes from 67.90.21.130#53(ns2.medtechsys.com) in 52 ms

So it goes to your server.

So maybe add

129.128/26        IN           PTR     ocean.medtechsys.com.
130.128/26        IN           PTR     ns2.medtechsys.com.

To the end of the file...