LinuxQuestions.org

bennetfox 01-29-2013 05:06 PM

Reverse DNS on LAN using bind9 not working
 
I'm having trouble getting reverse dns to work on my local area network. I have a small lan of about 5 computers all networked together and I am trying (without much luck) to get name resolution working. I have two servers with Debian Wheezy installed and I am using bind9 to handle dns services. I'm doing pretty well on the configuration of bind, I'm keeping things simple by accomplishing one step at a time. I'm stuck on the step of getting reverse dns (ip addresses resolved to names) to work. Following are the forward and reverse zone files that I have composed using the information I have gathered on the Internets:

foxden.lan forward zone file:

Code:

$ttl 38400
foxden.lan.        IN        SOA        ns1.foxden.lan. admin.foxden.lan. (
                        1358460959
                        20M
                        3600
                        20M
                        38400 )

$ORIGIN foxden.lan.

foxden.lan.                IN        NS        ns1.foxden.lan.
foxden.lan.                IN        NS        ns2.foxden.lan.

ns1                        IN        A        10.0.0.3
ns2                        IN        A        10.0.0.4

foxden.lan.                IN        A        10.0.0.4
blackfox                IN        CNAME        ns1.foxden.lan.
greenfox                IN        CNAME        ns2.foxden.lan.
www                        IN        A        10.0.0.4

foxden.lan reverse zone file:

Code:

$ttl 38400
$ORIGIN 0.0.10.in-addr.arpa.
        IN        SOA        ns1.foxden.lan. admin.foxden.lan. (
                        1358460957
                        20M
                        3600
                        20M
                        38400 )

                        NS        ns1.foxden.lan.
                        NS        ns2.foxden.lan.

3                IN        PTR        blackfox.foxden.lan.
4                IN        PTR        greenfox.foxden.lan.

When I do a forward lookup with host, this is the output I get:

Code:

$ host foxden.lan
foxden.lan has address 10.0.0.4

$ host greenfox.foxden.lan
greenfox.foxden.lan is an alias for ns2.foxden.lan.
ns2.foxden.lan has address 10.0.0.4

When I do a reverse lookup with host, this is the output I get:

Code:

$ host 10.0.0.4
Host 4.0.0.10.in-addr.arpa. not found: 3(NXDOMAIN)

Any help would be greatly appreciated!

bathory 01-30-2013 01:00 AM

Hi,

The reverse zone file looks good. Just add the "@" at the SOA record, increase serial and reload bind:

Code:

$ttl 38400
$ORIGIN 0.0.10.in-addr.arpa.
@        IN        SOA        ns1.foxden.lan. admin.foxden.lan. (
                        1358460957
                        20M
                        3600
                        20M
                        38400 )

                        NS        ns1.foxden.lan.
                        NS        ns2.foxden.lan.

3                IN        PTR        blackfox.foxden.lan.
4                IN        PTR        greenfox.foxden.lan.


bennetfox 01-30-2013 04:42 PM

Hi! Thank you for your reply!

If I add the @ on line 3 and run named-checkzone on it, it has a heart attack and responds with this:

Code:

$ named-checkzone 0.0.10.in-addr-arpa 10.hosts
10.hosts:3: ignoring out-of-zone data (0.0.10.in-addr.arpa)
10.hosts:13: ignoring out-of-zone data (3.0.0.10.in-addr.arpa)
10.hosts:14: ignoring out-of-zone data (4.0.0.10.in-addr.arpa)
zone 0.0.10.in-addr-arpa/IN: has 0 SOA records
zone 0.0.10.in-addr-arpa/IN: has no NS records
zone 0.0.10.in-addr-arpa/IN: not loaded due to errors.

Did I miss something in the reverse zone file?

bathory 01-31-2013 12:51 AM

Hi,

Quote:

$ named-checkzone 0.0.10.in-addr-arpa 10.hosts
You have an error in the zone name. It should be 0.0.10.in-addr.arpa (a dot, not a dash, before the word arpa). So the correct command is:

Code:

named-checkzone 0.0.10.in-addr.arpa 10.hosts

Regards

vipin310379 01-31-2013 11:51 AM

Show your "named.conf" file.

bennetfox 02-02-2013 03:49 PM

Hey gang!

Pardon the tardiness of this reply, but I've been banging around with my configurations along with some suggestions from some network engineers I know, and we came up with the following configuration. It works exactly as I wanted it to work and has been working nicely for the past four or so days!

foxden.lan forward zone file:

Code:

$ttl 38400
foxden.lan.        IN        SOA        ns1.foxden.lan. admin.foxden.lan. (
                        1358460962
                        20M
                        3600
                        20M
                        38400 )

$ORIGIN foxden.lan.

foxden.lan.        IN        NS        blackfox.foxden.lan.
foxden.lan.        IN        NS        greenfox.foxden.lan.

blackfox        IN        A        10.0.0.3
greenfox        IN        A        10.0.0.4

foxden.lan.        IN        A        10.0.0.4

ns1                IN        CNAME        blackfox.foxden.lan.
ns2                IN        CNAME        greenfox.foxden.lan.

www                IN        CNAME        greenfox.foxden.lan.

foxden.lan reverse zone file:

Code:

$ttl 38400
$ORIGIN 0.0.10.in-addr.arpa.
@        IN        SOA        ns1.foxden.lan. admin.foxden.lan. (
                        1358460963
                        20M
                        3600
                        20M
                        38400 )

                NS        blackfox.foxden.lan.
                NS        greenfox.foxden.lan.

3                IN        PTR        blackfox.foxden.lan.
4                IN        PTR        greenfox.foxden.lan.

foxden.lan named.conf:

Code:

options {
        directory "/var/cache/bind";
        allow-transfer {10.0.0.3;};
        recursion yes;
        allow-recursion {10.0/16;};

        forwarders {
                8.8.8.8;
                8.8.4.4;
                };

        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
        listen-on port 53 {
                127.0.0.1;
                10.0.0.4;
                };
};

zone "foxden.lan" {
        type master;
        file "/var/lib/bind/foxden.lan.hosts";
        allow-update {none;};
        };

zone "0.0.10.in-addr.arpa" {
        type master;
        file "/var/lib/bind/10.hosts";
        allow-update {none;};
        };

zone "." {
        type hint;
        file "/etc/bind/db.root";
        };

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
        allow-update {none;};
        };

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
        allow-update {none;};
        };

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
        allow-update {none;};
        };

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
        allow-update {none;};
        };

As you can see, this is a very basic configuration of bind, but it is a fully functional installation. This means that both forward and reverse dns work on both of the computers listed in the zone files. The biggest problem I kept running into with this is basically the nature of Linux. There are 7 ways to do one task as well as the associated documentation and descriptions of all seven ways. Some of the documentation and information I read conflicted with other information that I had read and it was hard to find an actual working solution online. This is why I've decided to post my solution to the issue online so it will be forever archived and hopefully it will help someone else resolve their issues with bind and forward and reverse name resolution.

Thank you all for your help!!
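
Added example (not part of the thread, and not the posters' code): a minimal Python check that every PTR in the reverse zone names a host whose A record points back to the same address, the property that forward-confirmed reverse DNS checks depend on. It also flags PTRs that target a CNAME, as in the first post's zone files (RFC 1912 asks that a PTR point at the name holding the A record, not at an alias). `qualify`, `parse_zone`, `check_ptr` and the trimmed zone strings are assumptions of this example, and `$ORIGIN` is assumed to equal the zone name, as it does in the thread's files.

```python
def qualify(name, origin):
    """Expand '@' and relative names against the zone origin."""
    name = origin if name == "@" else name
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Minimal parser: (owner, type, rdata) for A, CNAME and PTR lines only."""
    owner, out = origin, []
    for raw in text.splitlines():
        tok = raw.split(";")[0].split()
        if not tok or tok[0].startswith("$"):  # blank, comment or directive
            continue
        if not raw[0].isspace():  # owner field present, else reuse the last one
            owner, tok = qualify(tok[0], origin), tok[1:]
        for rtype, rdata in zip(tok, tok[1:]):
            if rtype.upper() in ("A", "CNAME", "PTR"):
                rdata = rdata if rtype.upper() == "A" else qualify(rdata, origin)
                out.append((owner, rtype.upper(), rdata))
                break
    return out

def check_ptr(forward, reverse):
    """Return (ip, target, problem) for each PTR that fails forward confirmation."""
    fwd = parse_zone(forward, "foxden.lan.")
    aliases = {o for o, t, _ in fwd if t == "CNAME"}
    addrs = {(o, d) for o, t, d in fwd if t == "A"}
    problems = []
    for owner, rtype, target in parse_zone(reverse, "0.0.10.in-addr.arpa."):
        if rtype != "PTR":
            continue
        ip = ".".join(reversed(owner.split(".")[:4]))  # 4.0.0.10.in-addr.arpa. -> 10.0.0.4
        if target in aliases:
            problems.append((ip, target, "PTR target is a CNAME alias"))
        elif (target, ip) not in addrs:
            problems.append((ip, target, "no A record back to this IP"))
    return problems

# Records taken from the thread's zone files; SOA/NS lines left out for brevity.
REVERSE = """$ORIGIN 0.0.10.in-addr.arpa.
3 IN PTR blackfox.foxden.lan.
4 IN PTR greenfox.foxden.lan."""
FIRST = """ns1 IN A 10.0.0.3
ns2 IN A 10.0.0.4
blackfox IN CNAME ns1.foxden.lan.
greenfox IN CNAME ns2.foxden.lan."""
FINAL = """blackfox IN A 10.0.0.3
greenfox IN A 10.0.0.4"""
for label, zone in (("first post", FIRST), ("final post", FINAL)):
    print(label, check_ptr(zone, REVERSE))
```

The first post's records are flagged because both PTR targets are aliases; the final post's records pass because blackfox and greenfox now hold the A records themselves.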


All times are GMT -5.