Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!usc!ucsd!ucbvax!NSIPO.ARC.NASA.GOV!medin
From: medin@NSIPO.ARC.NASA.GOV ("Milo S. Medin", NASA ARC NSI Project Office)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: gethostbyaddr() failing
Message-ID: <9012170259.AA06606@nsipo.arc.nasa.gov>
Date: 17 Dec 90 02:59:45 GMT
References: <1990Dec16.191345.22482@engin.umich.edu>
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 23


That's not a bug but a feature!  Late model BIND resolver code has a security 
feature in it which causes this behavior.  Basically, if your code does
a gethostbyaddr call to the DNS, the resolver will query the DNS system for
a PTR record for the address passed to it.  The old code would then return 
the reply, without verification.  The new code goes one step farther by
then additionally doing a gethostbyname call on the returned name, and verifying
the name has the original address as one of the A records associated with it. 
This makes DNS spoofing significantly harder, and thus things that make use of 
.rhosts and such less of a security problem.  

The problem in your case is that whoever runs your DNS configuration accidentally
left out the address in question, or used the wrong name in the PTR record.
Have nslookup check out the A records associated with ccb3.merit.edu, and I
think you'll see the error.  The syslog message basically says that
ccb3.merit.edu does not have 35.1.48.130 as one of it's interface addresses.

If you don't like seeing this message, just change your syslog configuration
to ignore it.  Otherwise, it's telling you about a configuration error in the
DNS...

						Thanks,
						   Milo