LinuxQuestions.org


Altiris 07-11-2013 06:01 PM

Which DNS zone file is the best?
 
I have a couple of forward/reverse zone files for BIND9 that I have collected from tutorials. It seems that each of them is able to resolve one thing but then fails to resolve another.

Out of the three, which seems the best? Feel free to revise/combine them, as I am in need of the best zone file; I am helping a company set up a DNS server on a Debian 7 Linux box.

**PLEASE NOTE**
(I have replaced the actual domain name with "domain" to hide the domain)
(The hostname is simply "hostname" to hide the hostname)
(I have organized the zone files into 3 sets)

1. Forward Zone
Code:

$ORIGIN domain.com.
$TTL 86400
@        IN        SOA        dns1.domain.com. hostmaster.domain.com. (
        2013071101 ;serial
        21600            ;refresh after 6 hours
        3600          ;retry after 1 hour
        604800    ;expire after1 week
        86400 )    ;minimum TTL 1 day

        IN        NS        dns1.domain.com.
       
        IN        MX        10        mail.domain.com.

        IN        A        192.168.12.137

dns1        IN        A        192.168.12.137

hostname        IN        A        192.168.12.137

ftp        IN        A        192.168.12.137

mail        IN        CNAME        hostname

www        IN        CNAME        hostname

1. Reverse Zone
Code:

$ORIGIN 12.168.192.in-addr.apra.
$TTL 86400
@        INandre-server        SOA        dns1.domain.com. hostmaster.domain.com. (
        2013071101 ;serial
        21600          ;refresh after 6 hours
        3600          ;retry after 1 hour
        604800    ;expire after1 week
        86400 )    ;minimum TTL 1 day

@        IN        NS        hostname.domain.com.
       
1        IN        PTR        hostname.domain.com.

2        IN        PTR        hostname.domain.com.

3        IN        PTR        hostname.domain.com.

4        IN        PTR        hostname.domain.com.

--------------------------------------------------

2. Forward Zone
Code:

$TTL 3D
@        IN        SOA        hostname.domain.com. admin.domain.com. (
2013071101;
28800;
3600;
604800;
38400;
);

dataglobe.com.        IN        NS        hostname.domain.com.
hostname        IN        A        192.168.12.137
www                IN        CNAME        hostname

2. Reverse Zone
Code:

$TTL 3D
@        IN        SOA        hostname.domain.com.. admin.hostname.com. (
2013071101;
28800;
604800;
604800;
86400;
);

        IN        NS        hostname.domain.com.
137        IN        PTR        hostname.domain.com.
1        IN        PTR        gw.domain.com.

-----------------------------------------------------

3. Forward Zone (PLEASE NOTE ON THIS ONE HOSTMASTER IS ACTUALLY HOSTMASTER, NOT TO BE CONFUSED WITH HOSTNAME)
Code:

;
; BIND data file for domain.com
;
$TTL 86400
@      IN      SOA    domain.com. hostmaster.domain.com. (
                        2013040601      ; Serial
                        21600          ; Refresh
                        600            ; Retry
                        604800          ; Expire
                        86400 )        ; Minimum TTL
                IN      A      192.168.12.137
;
@              IN      NS      dns1.domain.com.
        IN      MX      10      mail.domain.com.
dns1            IN      A      192.168.12.137
hostname        IN      A      192.168.12.137
ftp            IN      A      192.168.12.137
mail            IN      A      192.168.12.137
www            IN      A      192.168.12.137

3. Reverse Zone

Code:

;
; BIND reverse data file for local 192.168.12.137 net
;
$TTL 86400
@      IN      SOA    dns1.domain.com. hostmaster.domain.com. (
                        2013050601      ; Serial
                        21600          ; Refresh
                        3600            ; Retry
                        604800          ; Expire
                        86400 )        ; Minimum TTL
;
@      IN      NS      dns1.domain.com.
137    IN      PTR    dns1.domain.com.
2      IN      PTR    dom-ain.domain.com.

----------------------------------------------------

Ser Olmy 07-11-2013 06:29 PM

There's a typo in the $ORIGIN statement in the first reverse zone ("in-addr.apra").

The indentation in the second forward zone and the second reverse zone is horrible, but otherwise they look OK.

Instead of just posting a bunch of zone files, could you perhaps tell us the exact nature of the problem? Which records is the server unable to resolve?

Altiris 07-11-2013 07:56 PM

Quote:

Originally Posted by Ser Olmy (Post 4988713)
There's a typo in the $ORIGIN statement in the first reverse zone ("in-addr.apra").

The indentation in the second forward zone and the second reverse zone is horrible, but otherwise they look OK.

Instead of just posting a bunch of zone files, could you perhaps tell us the exact nature of the problem? Which records is the server unable to resolve?

Yes, #1 is horrible. Thanks for the typo fix, I did not notice that. Here are some problems I get with each zone file:

1. Forward/Reverse
nslookup hostname - Resolves
nslookup domainname - DOESN'T Resolve (weird)
nslookup hostname.domain - Resolves
nslookup www domainname.com - Resolves (weird)
nslookup www.yahoo.com - Resolves
(Extra below)
nslookup www. domainname.com - Resolves
nslookup mail.domainname.com - Resolves
nslookup ftp.domainname.com - Resolves
nslookup dns1.domainname.com - Resolves
nslookup www.yahoo.com - Resolves

2. Forward/Reverse
nslookup hostname - Resolves
nslookup domainname - Resolves
nslookup hostname.domainname - Resolves


3. Forward/Reverse
nslookup hostname - Resolves
nslookup domainname - Resolves
nslookup hostname.domainname - Resolves
(Extra below)
nslookup www. domainname.com - Resolves
nslookup mail.domainname.com - Resolves
nslookup ftp.domainname.com - Resolves
nslookup dns1.domainname.com - Resolves
nslookup www.yahoo.com - Resolves

Seems like 2 and 3 work fine and 1 is the crappy one. Does anyone else know of any other things I should add to these zones? I think I will stick with the first one for now. Thanks for your help, I didn't think of doing this.


EDIT: I am noticing that when I try and ping the domain on one of the other computers it can't ping the domain. I can ping the hostname but not the domainname, why is this? I think I need to add some type of A record for my external IP, what would that look like?

Would it be something like "dns1 IN A x.x.x.x" (the x's are my external IP)

jpollard 07-13-2013 05:04 AM

For #1, there is no definition given for the domain name, so how could it return a definition? And why is the www.domainname lookup weird - you did give it a definition.

In the reverse, you give different IP numbers than used in the forward lookup... (reverse)192.168.0.1, .2, .3, .4 and in the forward everything is 192.168.12.137

In #2, you have what might be a typo... "hostname.domain.com..", and you have a reverse reference to 192.168.12.2, but without a forward reference.

In #3, looks fine, though again there is a reverse reference to 192.168.12.2 without a forward reference.

Altiris 07-13-2013 12:33 PM

Alright, I will answer all of your questions/feedback in order, thanks btw. (I am thinking of dropping #2 as it seems the weirdest one for me.) For #1, like you said, it DOES NOT have anything for the domain. To do so in the forward zone, would I just add:

"domain.com. IN NS hostname.domainname.com."

And then for the reverse zone would I type:

" IN NS hostname.domainname.com."

As for the other response, you said I gave the wrong IPs; would I replace 1,2,3,4 with 137? And how do I make it so it's 12.137 and not 0.137 or something? I am a bit confused.
It is a typo, extra dot, and do I change 2 to 137? However I will probably not use 2.

As for the reverse with 2, once again, change that to 137? And then to add a forward record, what do I add?

Thanks for the help!

jpollard 07-14-2013 07:15 AM

Yes the "IN NS" would be valid. But you still would need an A record for the hostname.

Normally all forward records are <name> IN A <IP number> - which is why the domain can't be identified - no A record.


For reverse lookups, it is the zone definition (in the named.conf file) that defines how the IP numbers are used.

A "zone "12.168.192.ipv4.arpa" IN {....}" would set the IP base to 192.168.12.x, then within the file, only the last octet is needed.
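
As an added example (not part of any post in this thread): a small Python cross-check of the forward/reverse consistency discussed above. It expands each PTR owner against the reverse zone name to recover the full IP, then compares the result with the forward A records. The function names are hypothetical, the sample data is constructed from zone set #3 with the thread's placeholder names, the reverse zone is assumed to live under `in-addr.arpa.`, and the parser only handles single-line `owner IN TYPE rdata` records.

```python
import ipaddress

# Constructed sample modelled on zone set #3 (placeholder names from the thread).
FORWARD_ORIGIN = "domain.com."
FORWARD = """\
@        IN NS  dns1.domain.com.
         IN A   192.168.12.137
dns1     IN A   192.168.12.137
hostname IN A   192.168.12.137
"""
REVERSE_ORIGIN = "12.168.192.in-addr.arpa."
REVERSE = """\
137 IN PTR dns1.domain.com.
2   IN PTR dom-ain.domain.com.
"""

def fqdn(name, origin):
    """'@' is the origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(text, origin, rtype):
    """Yield (owner, rdata) for one-line records of the given type."""
    last = "@"
    for line in text.splitlines():
        fields = line.split(";")[0].split()      # drop comments
        if not fields or fields[0].startswith("$"):
            continue
        if line[0].isspace():
            fields.insert(0, last)               # blank owner inherits the previous one
        last = fields[0]
        if len(fields) == 4 and fields[1] == "IN" and fields[2] == rtype:
            yield fqdn(fields[0], origin), fields[3]

def ptr_owner_to_ip(owner):
    """'137.12.168.192.in-addr.arpa.' -> '192.168.12.137'."""
    suffix = ".in-addr.arpa."
    if not owner.endswith(suffix):
        raise ValueError(f"not under in-addr.arpa: {owner}")
    octets = owner[:-len(suffix)].split(".")
    return str(ipaddress.IPv4Address(".".join(reversed(octets))))

def cross_check(fwd, fwd_origin, rev, rev_origin):
    a = set(records(fwd, fwd_origin, "A"))
    ptr = {(fqdn(target, rev_origin), ptr_owner_to_ip(owner))
           for owner, target in records(rev, rev_origin, "PTR")}
    return {"ptr_without_a": sorted(ptr - a),
            "a_ip_without_ptr": sorted({ip for _, ip in a} - {ip for _, ip in ptr})}

if __name__ == "__main__":
    print(cross_check(FORWARD, FORWARD_ORIGIN, REVERSE, REVERSE_ORIGIN))
```

A misspelled reverse origin such as the "in-addr.apra" one caught earlier in the thread makes `ptr_owner_to_ip` raise `ValueError` instead of silently producing no matches.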

