I am confused about DNS and bind reverse zone files. I am running centos 5.3 and bind-9.3.4-10.P1.el5.

I have not been responsible for DNS since Bind 4.x. and linux/UNIX version??? and I have inherited this task.

I have borrowed a copy of O’Reilly DNS and BIND 5th Edition that I am using as a guide. Following O’Reilly’s example I started “not using abbreviations or shortcuts in our zone data, at least not initially,” and started editing the zone files using the long-hand syntax to grasp/relearn the concept.

My forward mapping zone file passes named-checkzone with no errors using the long-hand syntax but my reverse mapping zone file(s) fail.

I wanted to start with unabbreviated syntax, but just to get things going I downloaded an example reverse file and edited it to fit one of my subnets.

The resulting file used shorthand syntax but it passed named-checkzone.
My named.conf and reverse mapping files are listed below.



I really have two questions.

1..) While I am still having issues with the long-hand file loading (db.172.16.1) its concept does make some sense to me. Can someone please explain what I am doing wrong in the file ‘db.172.16.1’. It is almost verbatim out of the O’Reilly book.

2..) The edited shorthand version (db.172.reverse) loads and resolves for my 172.16.1.0 subnet but a second shorthand reverse file (db.192.reverse) for my 192.168.1.0 subnet is almost identical to the first. ***Neither file explicitly refers to an IP subnet.

How does 'named' differentiate the line

2 IN PTR bravo.harenet-tech.net.
(in the first zone file - for the 172 subnet)

from

2 IN PTR delta.harenet-tech.net.
(in the second zone file - for the 192 subnet)


[bravo OR delta].harenet-tech.net


Is it as intuitive as… each zone file is “called” from within a different X.Y.Z.in-addr.apra section of the named.conf file? Just guessing.


Thank you in advance for any help and clarification.


################################################
Contents of /var/named/db.172.16.1

;file: /var/named/db.172.16.1 --- last update: 20-dec-09
$TTL 86400 ; 1 day
1.16.172.in-addr.arpa. IN SOA alpha.harenet-tech.net. root.harenet-tech.net. (
2009122001; serial
28800; refresh (8 hours)
14400; retry (4 hours)
788645; expire (1wk,2days,3hrs,4mins,5sec)
86400; minimum (1day)
)

;###Name Server(s)
1.16.172.in-addr.arpa. IN NS alpha.harenet-tech.net.

;###172.16.1.0 hosts
1.1.16.172.in-addr.arpa. IN PTR alpha.harenet-tech.net.
2.1.16.172.in-addr.arpa. IN PTR bravo.harneet-tech.net.


#################################################
Contents of /var/named/db.172.reverse

;file: /var/named/db.172.reverse
$TTL 86400 ; 1 day
@ IN SOA dns.harenet-tech.net. root.harenet-tech.net.(
2009121301; serial
28800; refresh (8 hours)
14400; retry (4 hours)
788645; expire (1wk,2days,3hrs,4mins,5sec)
86400; minimum (1day)
)
IN NS alpha.harenet-tech.net.
1 IN PTR alpha.harenet-tech.net.
2 IN PTR bravo.harenet-tech.net.

#
####################
Contents of /var/named/db.192.reverse

;file: /var/named/db.192.reverse
$TTL 86400 ; 1 day
@ IN SOA dns.harenet-tech.net. root.harenet-tech.net.(
2009121301; serial
28800; refresh (8 hours)
14400; retry (4 hours)
788645; expire (1wk,2days,3hrs,4mins,5sec)
86400; minimum (1day)
)
IN NS alpha.harenet-tech.net.
1 IN PTR charlie.harenet-tech.net.
2 IN PTR delta.harenet-tech.net.

####################
Contents of /etc/named.conf…
//file: /etc/named.conf --- last update: 20-dec-09
options
{ directory "/var/named";
listen-on port 53 { 127.0.0.1; 172.16.1.1; 192.168.1.1; };
query-source address * port 53;
// also-notify { 12.207.232.47 port 53; }; //telco's machine
};

include "/var/named/h4r3n3t-t3ch/rndc.key";
include "/var/named/logging_code";

acl "harenet-lan" { 127/8; 172.16.1.0/24; 192.168.1.0/24; };
controls {inet 127.0.0.1 allow { localhost; } keys { rndckey; }; };

view "inside"
{
match-clients { "harenet-lan"; };
recursion yes;

zone "harenet-tech.net" IN
{
type master;
file "db.harenet-tech.net.inside";
allow-query { 172.16.1.0/24; 192.168.1.0/24; };
allow-update { key "rndckey"; };
};

// zone "1.16.172.in-addr.arpa" IN
// {
// type master;
// file "db.172.16.1"; //**This does NOT pass named-checkzone
// allow-update { key "rndckey"; };
// };

zone "1.16.172.in-addr.arpa" IN
{
type master;
file "db.reverse.172"; //This passes named-checkzone
allow-update { key "rndckey"; };
};

// zone "1.168.192.in-addr.arpa" IN
// {
// type master;
// file "db.192.168.1";
// allow-update { key "rndckey"; };
// };
//
// zone "0.0.127-in-addr.arpa" IN
// {
// type master;
// file "db.127.0.0";
// };
//
zone "." IN
{
type hint;
file "db.cache";
};
};

//view "outside"
//{
Omitted…
//};

Well in the configs you posted... some of those shouldn't work unless they were previously cached.

You normally have an entry like each of the above for each set you're looking at. The name of the file is largely moot it's the zone name that determines if it falls into the block and the file directive tells it what file to look in.