LinuxQuestions.org, Linux - Networking forum
12-22-2009, 02:37 PM   #1
sjphares (LQ Newbie)

DNS/Bind reverse zone file confusion


I am confused about DNS and BIND reverse zone files. I am running CentOS 5.3 and bind-9.3.4-10.P1.el5.

I have not been responsible for DNS since BIND 4.x (and which Linux/UNIX version???), and I have inherited this task.

I have borrowed a copy of O’Reilly DNS and BIND 5th Edition that I am using as a guide. Following O’Reilly’s example I started “not using abbreviations or shortcuts in our zone data, at least not initially,” and started editing the zone files using the long-hand syntax to grasp/relearn the concept.

My forward mapping zone file passes named-checkzone with no errors using the long-hand syntax but my reverse mapping zone file(s) fail.

I wanted to start with unabbreviated syntax, but just to get things going I downloaded an example reverse file and edited it to fit one of my subnets.

The resulting file used shorthand syntax but it passed named-checkzone.
My named.conf and reverse mapping files are listed below.



I really have two questions.

1.) While I am still having issues with the long-hand file loading (db.172.16.1), its concept does make some sense to me. Can someone please explain what I am doing wrong in the file ‘db.172.16.1’? It is almost verbatim out of the O’Reilly book.

2.) The edited shorthand version (db.172.reverse) loads and resolves for my 172.16.1.0 subnet, but a second shorthand reverse file (db.192.reverse) for my 192.168.1.0 subnet is almost identical to the first. ***Neither file explicitly refers to an IP subnet.

How does 'named' differentiate the line

2 IN PTR bravo.harenet-tech.net.
(in the first zone file - for the 172 subnet)

from

2 IN PTR delta.harenet-tech.net.
(in the second zone file - for the 192 subnet)


[bravo OR delta].harenet-tech.net


Is it as intuitive as… each zone file is “called” from within a different X.Y.Z.in-addr.arpa section of the named.conf file? Just guessing.


Thank you in advance for any help and clarification.


################################################
Contents of /var/named/db.172.16.1

;file: /var/named/db.172.16.1 --- last update: 20-dec-09
$TTL 86400 ; 1 day
1.16.172.in-addr.arpa. IN SOA alpha.harenet-tech.net. root.harenet-tech.net. (
2009122001; serial
28800; refresh (8 hours)
14400; retry (4 hours)
788645; expire (1wk,2days,3hrs,4mins,5sec)
86400; minimum (1day)
)

;###Name Server(s)
1.16.172.in-addr.arpa. IN NS alpha.harenet-tech.net.

;###172.16.1.0 hosts
1.1.16.172.in-addr.arpa. IN PTR alpha.harenet-tech.net.
2.1.16.172.in-addr.arpa. IN PTR bravo.harneet-tech.net.


#################################################
Contents of /var/named/db.172.reverse

;file: /var/named/db.172.reverse
$TTL 86400 ; 1 day
@ IN SOA dns.harenet-tech.net. root.harenet-tech.net.(
2009121301; serial
28800; refresh (8 hours)
14400; retry (4 hours)
788645; expire (1wk,2days,3hrs,4mins,5sec)
86400; minimum (1day)
)
IN NS alpha.harenet-tech.net.
1 IN PTR alpha.harenet-tech.net.
2 IN PTR bravo.harenet-tech.net.

#################################################
Contents of /var/named/db.192.reverse

;file: /var/named/db.192.reverse
$TTL 86400 ; 1 day
@ IN SOA dns.harenet-tech.net. root.harenet-tech.net.(
2009121301; serial
28800; refresh (8 hours)
14400; retry (4 hours)
788645; expire (1wk,2days,3hrs,4mins,5sec)
86400; minimum (1day)
)
IN NS alpha.harenet-tech.net.
1 IN PTR charlie.harenet-tech.net.
2 IN PTR delta.harenet-tech.net.

####################
Contents of /etc/named.conf…
//file: /etc/named.conf --- last update: 20-dec-09
options
{ directory "/var/named";
listen-on port 53 { 127.0.0.1; 172.16.1.1; 192.168.1.1; };
query-source address * port 53;
// also-notify { 12.207.232.47 port 53; }; //telco's machine
};

include "/var/named/h4r3n3t-t3ch/rndc.key";
include "/var/named/logging_code";

acl "harenet-lan" { 127/8; 172.16.1.0/24; 192.168.1.0/24; };
controls {inet 127.0.0.1 allow { localhost; } keys { rndckey; }; };

view "inside"
{
match-clients { "harenet-lan"; };
recursion yes;

zone "harenet-tech.net" IN
{
type master;
file "db.harenet-tech.net.inside";
allow-query { 172.16.1.0/24; 192.168.1.0/24; };
allow-update { key "rndckey"; };
};

// zone "1.16.172.in-addr.arpa" IN
// {
// type master;
// file "db.172.16.1"; //**This does NOT pass named-checkzone
// allow-update { key "rndckey"; };
// };

zone "1.16.172.in-addr.arpa" IN
{
type master;
file "db.reverse.172"; //This passes named-checkzone
allow-update { key "rndckey"; };
};

// zone "1.168.192.in-addr.arpa" IN
// {
// type master;
// file "db.192.168.1";
// allow-update { key "rndckey"; };
// };
//
// zone "0.0.127-in-addr.arpa" IN
// {
// type master;
// file "db.127.0.0";
// };
//
zone "." IN
{
type hint;
file "db.cache";
};
};

//view "outside"
//{
Omitted…
//};
 
Old 12-22-2009, 03:29 PM   #2
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 163Reputation: 163
Well in the configs you posted... some of those shouldn't work unless they were previously cached.

Code:
zone "1.16.172.in-addr.arpa" IN {
  type master;
  file "db.reverse.172";
  allow-update { key "rndckey"; };
};
You normally have an entry like each of the above for each set you're looking at. The name of the file is largely moot; it's the zone name that determines if it falls into the block, and the file directive tells it what file to look in.
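An added example (not from the thread and not BIND's own code) that makes rweaver's point concrete: the routine below applies the origin rule named uses when it loads a master file, so the identical line "2 IN PTR ..." becomes 2.1.16.172.in-addr.arpa. or 2.1.168.192.in-addr.arpa. depending only on which zone statement in named.conf names the file. The sample file is a trimmed copy of db.172.reverse; apex_ok mirrors the first thing named-checkzone verifies, that the SOA and NS records sit at the origin it is given.

```python
# Constructed sample: the shorthand reverse file from the thread, trimmed.
# The NS line is indented on purpose: in BIND master-file syntax a line that
# starts with whitespace has no owner field and reuses the previous owner.
DB_REVERSE = """\
$TTL 86400 ; 1 day
@ IN SOA dns.harenet-tech.net. root.harenet-tech.net. (
        2009121301 ; serial
        28800 14400 788645 86400 )
        IN NS alpha.harenet-tech.net.
1 IN PTR alpha.harenet-tech.net.
2 IN PTR bravo.harenet-tech.net.
"""

def expand_zone(text, origin):
    """Return [(owner, type, rdata)] with owners made absolute, as named does
    using the zone name from the named.conf zone statement as the origin."""
    origin = origin.rstrip(".") + "."
    records, last_owner, buf, first = [], origin, [], ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip():
            continue
        if not buf:
            first = raw                               # line that may carry the owner
        buf.append(line)
        joined = " ".join(buf)
        if joined.count("(") > joined.count(")"):
            continue                                  # still inside SOA parens
        buf = []
        fields = joined.replace("(", " ").replace(")", " ").split()
        if fields[0].startswith("$"):                 # $TTL / $ORIGIN directives
            if fields[0] == "$ORIGIN":
                origin = fields[1]
            continue
        owner = last_owner if first[0].isspace() else fields.pop(0)
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"               # relative name + origin
        last_owner = owner
        while fields[0].isdigit() or fields[0].upper() in ("IN", "CH", "HS"):
            fields.pop(0)                             # optional TTL and class
        records.append((owner, fields[0].upper(), " ".join(fields[1:])))
    return records

def apex_ok(records, origin):
    """First thing named-checkzone verifies: SOA and NS must sit at the origin
    given by the zone statement (or on the named-checkzone command line)."""
    origin = origin.rstrip(".") + "."
    return {"SOA", "NS"} <= {t for o, t, _ in records if o == origin}
```

The same routine run over a long-hand file such as db.172.16.1 shows the other side of the rule: its owner names are already absolute, so they only land at the apex when the zone name passed in is exactly 1.16.172.in-addr.arpa, and any other name on the named-checkzone command line fails the apex check.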