I am confused about DNS and BIND reverse zone files. I am running CentOS 5.3 and bind-9.3.4-10.P1.el5.
I have not been responsible for DNS since Bind 4.x. and linux/UNIX version??? and I have inherited this task.
I have borrowed a copy of O’Reilly DNS and BIND 5th Edition that I am using as a guide. Following O’Reilly’s example I started “not using abbreviations or shortcuts in our zone data, at least not initially,” and started editing the zone files using the long-hand syntax to grasp/relearn the concept.
My forward mapping zone file passes named-checkzone with no errors using the long-hand syntax but my reverse mapping zone file(s) fail.
I wanted to start with unabbreviated syntax, but just to get things going I downloaded an example reverse file and edited it to fit one of my subnets.
The resulting file used shorthand syntax but it passed named-checkzone.
My named.conf and reverse mapping files are listed below.
I really have two questions.
1.) While I am still having issues with the long-hand file loading (db.172.16.1), its concept does make some sense to me. Can someone please explain what I am doing wrong in the file ‘db.172.16.1’? It is almost verbatim out of the O’Reilly book.
2.) The edited shorthand version (db.172.reverse) loads and resolves for my 172.16.1.0 subnet, but a second shorthand reverse file (db.192.reverse) for my 192.168.1.0 subnet is almost identical to the first. ***Neither file explicitly refers to an IP subnet.
How does 'named' differentiate the line
2 IN PTR bravo.harenet-tech.net.
(in the first zone file - for the 172 subnet)
from
2 IN PTR delta.harenet-tech.net.
(in the second zone file - for the 192 subnet)
[bravo OR delta].harenet-tech.net
Is it as intuitive as… each zone file is “called” from within a different X.Y.Z.in-addr.arpa section of the named.conf file? Just guessing.
Thank you in advance for any help and clarification.
################################################
Contents of /var/named/db.172.16.1
;file: /var/named/db.172.16.1 --- last update: 20-dec-09
$TTL 86400 ; 1 day
1.16.172.in-addr.arpa. IN SOA alpha.harenet-tech.net. root.harenet-tech.net. (
2009122001; serial
28800; refresh (8 hours)
14400; retry (4 hours)
788645; expire (1wk,2days,3hrs,4mins,5sec)
86400; minimum (1day)
)
;###Name Server(s)
1.16.172.in-addr.arpa. IN NS alpha.harenet-tech.net.
;###172.16.1.0 hosts
1.1.16.172.in-addr.arpa. IN PTR alpha.harenet-tech.net.
2.1.16.172.in-addr.arpa. IN PTR bravo.harneet-tech.net.
#################################################
Contents of /var/named/db.172.reverse
;file: /var/named/db.172.reverse
$TTL 86400 ; 1 day
@ IN SOA dns.harenet-tech.net. root.harenet-tech.net.(
2009121301; serial
28800; refresh (8 hours)
14400; retry (4 hours)
788645; expire (1wk,2days,3hrs,4mins,5sec)
86400; minimum (1day)
)
IN NS alpha.harenet-tech.net.
1 IN PTR alpha.harenet-tech.net.
2 IN PTR bravo.harenet-tech.net.
#
####################
Contents of /var/named/db.192.reverse
;file: /var/named/db.192.reverse
$TTL 86400 ; 1 day
@ IN SOA dns.harenet-tech.net. root.harenet-tech.net.(
2009121301; serial
28800; refresh (8 hours)
14400; retry (4 hours)
788645; expire (1wk,2days,3hrs,4mins,5sec)
86400; minimum (1day)
)
IN NS alpha.harenet-tech.net.
1 IN PTR charlie.harenet-tech.net.
2 IN PTR delta.harenet-tech.net.
####################
Contents of /etc/named.conf…
//file: /etc/named.conf --- last update: 20-dec-09
options
{ directory "/var/named";
listen-on port 53 { 127.0.0.1; 172.16.1.1; 192.168.1.1; };
query-source address * port 53;
// also-notify { 12.207.232.47 port 53; }; //telco's machine
};
include "/var/named/h4r3n3t-t3ch/rndc.key";
include "/var/named/logging_code";
zone "harenet-tech.net" IN
{
type master;
file "db.harenet-tech.net.inside";
allow-query { 172.16.1.0/24; 192.168.1.0/24; };
allow-update { key "rndckey"; };
};
// zone "1.16.172.in-addr.arpa" IN
// {
// type master;
// file "db.172.16.1"; //**This does NOT pass named-checkzone
// allow-update { key "rndckey"; };
// };
zone "1.16.172.in-addr.arpa" IN
{
type master;
file "db.reverse.172"; //This passes named-checkzone
allow-update { key "rndckey"; };
};
// zone "1.168.192.in-addr.arpa" IN
// {
// type master;
// file "db.192.168.1";
// allow-update { key "rndckey"; };
// };
//
// zone "0.0.127-in-addr.arpa" IN
// {
// type master;
// file "db.127.0.0";
// };
//
zone "." IN
{
type hint;
file "db.cache";
};
};
Well in the configs you posted... some of those shouldn't work unless they were previously cached.
Code:
zone "1.16.172.in-addr.arpa" IN {
    type master;
    file "db.reverse.172";
    allow-update { key "rndckey"; };
};
You normally have an entry like each of the above for each set you're looking at. The name of the file is largely moot; it's the zone name that determines if it falls into the block, and the file directive tells it what file to look in.
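The name expansion behind that answer, as an added example that is not part of either post: a simplified Python model of how a zone-file loader qualifies owner names against the zone name given in named.conf, which is why the same `2 IN PTR` line means 172.16.1.2 in one zone and 192.168.1.2 in the other. The function names and sample zone text are constructed for illustration, and `$ORIGIN` directives are assumed absent.

```python
SUFFIX = ".in-addr.arpa."

def expand_owner(owner, origin, previous):
    """Fully qualify one owner field the way a zone-file loader does."""
    if owner == "":              # line began with whitespace: reuse last owner
        return previous
    if owner == "@":             # "@" stands for the zone origin itself
        return origin
    if owner.endswith("."):      # trailing dot: already fully qualified
        return owner
    return owner + "." + origin  # relative name: the origin is appended

def ptr_records(zone_name, zone_text):
    """Return {fully qualified owner: PTR target} for one zone statement."""
    origin = zone_name.rstrip(".") + "."   # initial origin = name in named.conf
    previous, depth, found = origin, 0, {}
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        continuation = depth > 0                      # inside "( ... )" of SOA
        depth += line.count("(") - line.count(")")
        if continuation or not line.strip() or line.startswith("$"):
            continue                                  # $ORIGIN is not modelled
        fields = line.split()
        owner = "" if line[0].isspace() else fields.pop(0)
        previous = expand_owner(owner, origin, previous)
        if "PTR" in fields:
            found[previous] = fields[fields.index("PTR") + 1]
    return found

def owner_to_ipv4(fqdn):
    """Turn d.c.b.a.in-addr.arpa. into a.b.c.d, or None if it is not one."""
    labels = fqdn[:-len(SUFFIX)].split(".") if fqdn.endswith(SUFFIX) else []
    if len(labels) != 4 or not all(x.isdigit() and int(x) < 256 for x in labels):
        return None
    return ".".join(reversed(labels))

# Constructed samples modelled on the thread's files; NO_DOT omits a trailing dot.
HEADER = """$TTL 86400
@ IN SOA dns.harenet-tech.net. root.harenet-tech.net. (
    2009121301 28800 14400 788645 86400 )
    IN NS alpha.harenet-tech.net.
"""
ZONE_172 = HEADER + "2 IN PTR bravo.harenet-tech.net.\n"
ZONE_192 = HEADER + "2 IN PTR delta.harenet-tech.net.\n"
NO_DOT = "2.1.16.172.in-addr.arpa IN PTR bravo.harenet-tech.net.\n"

if __name__ == "__main__":
    for zone, text in (("1.16.172.in-addr.arpa", ZONE_172),
                       ("1.168.192.in-addr.arpa", ZONE_192)):
        print(zone, {owner_to_ipv4(o): t for o, t in ptr_records(zone, text).items()})
```

The `NO_DOT` sample shows the usual long-hand pitfall: an owner written in full but without its trailing dot is treated as relative, so the origin is appended a second time and the record no longer maps to an address.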