BIND9 reverse DNS, /16 zone

binddomain-name-systemreverse-dns

I'm trying to set up a reverse zone for the entire 10.200.x.x/16 subnet. I've configured everything according to named.conf and several different blog posts, but no luck.

Note that the A-records resolve correctly, the problem is reverse lookups.

Can anyone spot any configuration errors?

named.conf:

zone "200.10.in-addr.arpa" {
    type master;
    file "/etc/bind/master/10.200.reverse";
};

10.200.reverse:

$TTL 3600
@                       IN SOA  dhcpns01.guest.domain.com. admin.domain.com. (
                                2011022106 ; serial
                                10800      ; refresh (3 hours)
                                3600       ; retry (1 hour)
                                604800     ; expire (1 week)
                                38400      ; minimum (10 hours 40 minutes)
                                )
; name servers
                        NS      dhcpns01.guest.domain.com.
; hosts
0.10                    PTR     dhcpns01.guest.domain.com.

dig -t ptr 10.200.0.10 @127.0.0.1

;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15066
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;10.200.0.10.                   IN      PTR

;; AUTHORITY SECTION:
.                       10800   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2011022001 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Feb 21 12:19:31 2011
;; MSG SIZE  rcvd: 104

Disclaimer: This is edited down to be more viewable. I'm not using a single nameserver 🙂

Best Answer

It looks like your entry is for 10.200.10.0, not 10.200.0.10.

Try:

 10.0                    PTR     dhcpns01.guest.domain.com.

EDIT: You might want to try the dig like this:

dig -t ptr 10.0.200.10.in-addr.arpa. @127.0.0.1

dig -x 10.200.0.10 @127.0.0.1

Related Solutions

Linux – cannot resolve DNS server’s own domain name

Rather than telling us you didn't get an Answer Section, we would be able to diagnose better if you told us what you did get, as well as the response code.

This would tell us for example whether your server is correctly serving the SOA, or if you're getting some particular error message.

FWIW, the warnings about using an alias (i.e. a CNAME) as the target of an MX or NS records are correct - you shouldn't do that.

I don't see any real config error here, but there are a couple optimisations you can make so that you don't need the real domain name anywhere in the config file:

@       IN SOA    ns1 names ( ... )        
        IN MX 10  mail

Also, the www record should also be an A rather than a CNAME - it's not really a good idea to make www an alias for the $ORIGIN, because than a query for www IN MX? or www IN NS? would return the exact same records as the domain itself, when all you ever really want is the IP address.

You also have two effectively identical records for the main A record listed. That shouldn't break anything, and maybe it's just a copy&paste error?

EDIT Curious that the duplicate A record entry was the problem - possibly the lack of IN qualifier caused a parse failure - your BIND startup logs would tell you that.

Regarding the additional questions - those would be better in a new question, and ideally quoting the actual domain name. We simply can't do effective diagnosis on live DNS issues if you're using dummy data.

EDIT2 I did fix the SOA issue though - the first entry in the SOA is supposed to be the name of the primary name server. See revised example above.

Debian – Setting up a DNS name server for a mass virtual host with Bind9

Looking at the IP addresses in your resolv.conf I get the feeling that your BIND server is on 192.168.1.52. As far as I can tell, you can't specify in resolv.conf something like "for these domains, use this name server". Basically, your BIND server will never be queried. As you can see in your dig lookup (which is incorrect, it is asking for a reverse DNS entry), it tries 80.58.0.33, which I assume is your provider's DNS server.

You already set up BIND as caching nameserver by using the 'forwarders' option, so what you need to do is have only 192.168.1.52 in the client PCs as nameserver.

To see if your BIND is configured correctly, try this:

dig example.test @192.168.1.52

Best Answer

Related Solutions

Linux – cannot resolve DNS server’s own domain name

Debian – Setting up a DNS name server for a mass virtual host with Bind9

Related Topic