LinuxQuestions.org
Old 01-28-2019, 10:37 PM   #1
MrRichBOB
LQ Newbie
 
Registered: Jan 2019
Posts: 2

Rep: Reputation: Disabled
BIND DNS forward lookup zone functions, but no idea how to set up a reverse lookup zone


Hello and thank you, please forgive me if there are threads that appear to be similar, but I am having a hard time finding a tutorial for beginners and am having to piece things together. I am not an absolute beginner and can find some things out on my own--if it helps, I feel 100% comfortable navigating CentOS/RHEL and Ubuntu Server via their command lines.

As I have stated before and will proceed to state again, I am having a tough time trying to figure out how to really properly piece together things in general, but primarily the reverse lookup zone.

SYMPTOMS:

All Devices:

DNS works fine, this computer I am typing this on is using the DNS, and my file server (CentOS 7) that is doubling as a DNS is using itself as its DNS as well

Windows 10

In PowerShell, if I type in
Code:
nslookup
, it returns:
Quote:
Default Server: UnKnown
Address: 192.168.0.30
Partially expected. If I type
Code:
nslookup www.thelabees.com
, it returns
Quote:
Server: UnKnown
Address: 192.168.0.30

Name: www.thelabees.com
Address: 192.168.0.30
The name of my DNS should either be that with or without the "www."

From the Linux Machine, if I type
Code:
nslookup 192.168.0.30
, it returns:
Quote:
Server: 127.0.0.1
Address: 127.0.0.1#53

** server can't find 30.0.168.192.in-addr.arpa.: NXDOMAIN
If I type "www.thelabees.com" it returns the same as nslookup does in powershell.




----


The following are my configuration files:
\etc\named.conf
\etc\named.rfc1912.zones

and for the forward and backward lookup zones,

\var\named\db.thelabees.com
\var\named\0.168.192.in-addr.arpa

They are as follows, in the above order,

named.conf

Code:
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
	listen-on port 53 { 127.0.0.1; 192.168.0.30; };
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	recursing-file  "/var/named/data/named.recursing";
	secroots-file   "/var/named/data/named.secroots";
	allow-query     { any; };

	/* 
	 - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
	 - If you are building a RECURSIVE (caching) DNS server, you need to enable 
	   recursion. 
	 - If your recursive DNS server has a public IP address, you MUST enable access 
	   control to limit queries to your legitimate users. Failing to do so will
	   cause your server to become part of large scale DNS amplification 
	   attacks. Implementing BCP38 within your network would greatly
	   reduce such attack surface 
	*/
	recursion yes;

	dnssec-enable yes;
	dnssec-validation yes;

	/* Path to ISC DLV key */
	bindkeys-file "/etc/named.iscdlv.key";

	managed-keys-directory "/var/named/dynamic";

	pid-file "/run/named/named.pid";
	session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
	type hint;
	file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
named.conf 1912

Code:
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package 
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
// 
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

zone "localhost.localdomain" IN {
	type master;
	file "named.localhost";
	allow-update { none; };
};

zone "localhost" IN {
	type master;
	file "named.localhost";
	allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
	type master;
	file "named.loopback";
	allow-update { none; };
};

zone "1.0.0.127.in-addr.arpa" IN {
	type master;
	file "named.loopback";
	allow-update { none; };
};

zone "0.in-addr.arpa" IN {
	type master;
	file "named.empty";
	allow-update { none; };
};

zone "thelabees.com" IN {
	type master;
	file "db.thelabees.com";
	allow-update { none; };
};

zone "0.168.192.in-addr.arpa" IN {
	type master;
	file "0.168.192.in-addr.arpa";
	allow-update { none; };
};
db.com

Code:
;
; BIND data file for thelabees.com
;
$TTL	604800
@	IN	SOA	thelabees.com	root.thelabees.com.	(
			1		; Serial
			604800		; Refresh after 3 hours
			86400		; Retry after 1 hour
			2419200		; Expire after 1 week
			604800 )	; Negative caching TTL
;

@	IN	NS	www.thelabees.com.
www	IN	A	192.168.0.30

;
xxx.xxx.xxx.in-addr.arpa

Code:
;
; BIND reverse data file for local loopback interface
;
$TTL	604800
@	IN	SOA	thelabees.com.	root.thelabees.com. (
				2		; Serial
				604800		; Refresh
				86400		; Retry
				2419200		; Expire
				604800	)	; Negative Cache TTL
;
@	IN	NS	www.
10	IN	PTR	thelabees.com.

;

THANKS IN ADVANCE!
 
Old 01-29-2019, 07:39 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,700

Rep: Reputation: 1823
Quote:
From the Linux Machine, if I type
nslookup 192.168.0.30
, it returns:

Server: 127.0.0.1
Address: 127.0.0.1#53

** server can't find 30.0.168.192.in-addr.arpa.: NXDOMAIN
This is correct, because there is no PTR RR for 30.0.168.192.in-addr.arpa. You have only one PTR RR for 10.0.168.192.in-addr.arpa (that is for 192.168.0.10).

I suggest you use an FQDN for the NS RR in the reverse zone as you did in the forward zone:
Code:
@	IN	NS	www.thelabees.com.
 
Old 01-29-2019, 03:02 PM   #3
MrRichBOB
LQ Newbie
 
Registered: Jan 2019
Posts: 2

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
This is correct, because there is no PTR RR for 30.0.168.192.in-addr.arpa. You have only one PTR RR for 10.0.168.192.in-addr.arpa (that is for 192.168.0.10).

I suggest you use an FQDN for the NS RR in the reverse zone as you did in the forward zone:
Code:
@	IN	NS	www.thelabees.com.

Wait, wait... that last line,
Code:
10     IN     PTR   thelabees.com.
means somewhere along the lines of "point thelabees to 192.168.0.10" If I were to change that "10" to a "30," would it work?
 
Old 01-29-2019, 04:29 PM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,700

Rep: Reputation: 1823
Quote:
Wait, wait... that last line,

10 IN PTR thelabees.com.

means somewhere along the lines of "point thelabees to 192.168.0.10" If I were to change that "10" to a "30," would it work?
It will work, but you need to also increase the serial, change the NS RR as I've posted above and reload the zone.
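
A consistency check for the two zone files discussed in this thread, as an added example (not code from either poster): it reports A records in the forward zone that have no PTR in the reverse zone, and NS targets in the reverse zone that are not a host in the forward zone. `parse_records` and `check` are hypothetical helpers that read only simple one-line records; the zone text is reconstructed from the posts above, with the SOA comments trimmed.

```python
import ipaddress

def parse_records(zone_text, origin):
    """Minimal one-record-per-line reader (not a full RFC 1035 parser).
    Skips $TTL and the SOA, expands '@' and relative names against origin."""
    origin = origin.rstrip(".") + "."
    def fqdn(name):
        if name == "@":
            return origin
        return name if name.endswith(".") else f"{name}.{origin}"
    records, in_soa = [], False
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]              # drop comments
        if in_soa:                               # inside the parenthesised SOA
            in_soa = ")" not in line
            continue
        fields = [f for f in line.split() if f.upper() != "IN"]
        if len(fields) < 3 or fields[0].startswith("$"):
            continue
        owner, rtype, rdata = fields[0], fields[1].upper(), fields[2]
        if rtype == "SOA":
            in_soa = "(" in line and ")" not in line
            continue
        records.append((fqdn(owner), rtype, rdata if rtype == "A" else fqdn(rdata)))
    return records

def check(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return problems: A records without a PTR, NS targets without an A record."""
    fwd, rev = parse_records(fwd_text, fwd_origin), parse_records(rev_text, rev_origin)
    rev_suffix = "." + rev_origin.rstrip(".") + "."
    ptr_owners = {o for o, t, _ in rev if t == "PTR"}
    hosts = {o for o, t, _ in fwd if t == "A"}
    problems = []
    for owner, rtype, rdata in fwd:
        if rtype == "A":
            want = ipaddress.ip_address(rdata).reverse_pointer + "."
            if want.endswith(rev_suffix) and want not in ptr_owners:
                problems.append(f"no PTR at {want} for {owner}")
    problems += [f"NS target {d} has no A record"
                 for _, t, d in rev if t == "NS" and d not in hosts]
    return problems

# Zone text reconstructed from the thread (SOA comments trimmed).
SOA = ("$TTL 604800\n@ IN SOA thelabees.com. root.thelabees.com. (\n"
       " 2 ; Serial\n 604800\n 86400\n 2419200\n 604800 )\n")
FORWARD = SOA + "@ IN NS www.thelabees.com.\nwww IN A 192.168.0.30\n"
REVERSE_POSTED = SOA + "@ IN NS www.\n10 IN PTR thelabees.com.\n"
# After the replies' changes: serial raised, NS given as an FQDN, PTR owner 30.
REVERSE_FIXED = SOA.replace(" 2 ;", " 3 ;") + "@ IN NS www.thelabees.com.\n30 IN PTR thelabees.com.\n"

if __name__ == "__main__":
    for name, rev in (("posted", REVERSE_POSTED), ("fixed", REVERSE_FIXED)):
        print(name, check(FORWARD, "thelabees.com", rev, "0.168.192.in-addr.arpa"))
```

On a live server, `named-checkzone` validates the zone file syntax before the zone is reloaded; this script only covers the forward/reverse mismatch raised in the thread.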
 
  

