I have 2 domains on the same server (Linux). (The IP addresses are only examples.)
server: 192.168.1.20
domain1: server1.example.com
domain2: server2.example.com
cat /etc/resolv.conf
# Generated by NetworkManager
search example.com
nameserver 192.168.1.3
nameserver 192.168.1.2
cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
In my DNS server (bind), I have:
$TTL 3D
1.168.192.in-addr.arpa. IN SOA ns1.example.com. root.example.com. (
2007082126 ; Serial Number
10800 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
86400 ) ; Minimum TTL of 1 day
IN NS ns1.example.com.
20 IN PTR server1.example.com.
20 IN PTR server2.example.com.
Now, externally, some servers can't resolve the server2.example.com address but can resolve server1.
$host server2.example.com
Host server2.example.com not found: 3(NXDOMAIN)
$host server1.example.com
Host server1.example.com has address 192.168.1.20
When I use the IP address:
$host 192.168.1.20
20.1.168.192.in-addr.arpa domain name pointer server1.example.com.
20.1.168.192.in-addr.arpa domain name pointer server2.example.com.
When I use dig command:
$ dig server2.example.com
; <<>> DiG 9.8.1-P1 <<>> server2.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5549
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;server2.example.com. IN A
;; AUTHORITY SECTION:
example.com. 401 IN SOA ns1.example.com. root.example.com. 2007111668 28800 7200 2419200 86400
;; Query time: 2 msec
dig command with Google DNS:
; <<>> DiG 9.8.1-P1 <<>> @8.8.8.8 server2.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58750
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;server2.example.com. IN A
;; ANSWER SECTION:
server2.example.com. 21599 IN A 192.168.1.20
;; Query time: 93 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
What could be the problem that is causing some locations to be unable to access server2.example.com, giving them an NXDOMAIN error?
Thanks in advance
Best Answer
You only posted the reverse zone "1.168.192.in-addr.arpa.". It would be useful to check your "example.com" zone file and make sure the A records are present.
Posting an extract from the zone file will help. Knowing the actual domain will help troubleshooting. You might have some good reason not to share it.
Note: (sorry if already obvious to you)
A reverse DNS record is when you look up an IP and the response is a hostname.
The "host" command will automatically look up the reverse when given an IP. With "dig" you need to use the "-x" option when looking up an IP (i.e. "dig -x 192.168.1.1").
Concerning having multiple names pointing to the same IP: it is not recommended to have multiple PTR records pointing to the same IP.
https://en.wikipedia.org/wiki/Reverse_DNS_lookup
Ideally you should have one forward (A) and one reverse (PTR) record for each IP. You can have two IPs on one server, which might be the cleanest way if you are running two separate services. Obviously when dealing with public IPs you often don't have that luxury.
People often use CNAME records for having multiple names pointing to the same IP. A CNAME is essentially a pointer to another name. For example:
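The check the answer recommends, done offline: parse the reverse zone from the question and a forward zone, then report PTR targets with no A record and IPs carrying more than one PTR. This is an added example, not code from the question or the answer; the zone texts are constructed, and the forward zone is assumed to lack server2 so that it reproduces the NXDOMAIN.

```python
# Added example (not from the question or answer): minimal parser for the zone
# syntax shown above; both zone texts are constructed, forward zone lacks server2.
KEYWORDS = {"IN", "A", "AAAA", "NS", "PTR", "CNAME", "SOA", "MX", "TXT"}

def qualify(name, origin):
    """Make a zone-file name absolute ('@' and relative names use the origin)."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples; handles ';' comments, $-directives,
    inherited owners and parenthesised multi-line records. No per-record TTLs,
    and an owner that spells a type name (e.g. 'a') must be written absolute."""
    records, owner, buf = [], origin, ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop trailing comment
        buf += " " + line
        if not line or buf.count("(") > buf.count(")"):
            continue                           # blank line, or record continues
        fields, buf = buf.replace("(", " ").replace(")", " ").split(), ""
        if fields[0].startswith("$"):
            continue                           # $TTL / $ORIGIN carry no record
        if fields[0].upper() not in KEYWORDS:  # an owner column is present
            owner = qualify(fields.pop(0), origin)
        if fields[0].upper() == "IN":
            fields.pop(0)
        records.append((owner, fields[0].upper(), fields[1:]))
    return records

def audit(reverse_zone, reverse_origin, forward_zone, forward_origin):
    """PTR targets lacking a forward A/CNAME, and reverse owners with >1 PTR."""
    forward = parse_zone(forward_zone, forward_origin)
    resolvable = {o.lower() for o, t, _ in forward if t in ("A", "CNAME")}
    ptrs = {}
    for owner, rtype, rdata in parse_zone(reverse_zone, reverse_origin):
        if rtype == "PTR":
            ptrs.setdefault(owner, []).append(qualify(rdata[0], reverse_origin).lower())
    missing = sorted(t for ts in ptrs.values() for t in ts if t not in resolvable)
    multi = sorted(o for o, ts in ptrs.items() if len(ts) > 1)
    return {"missing_a": missing, "multiple_ptr": multi}

REVERSE_ZONE = """$TTL 3D
1.168.192.in-addr.arpa. IN SOA ns1.example.com. root.example.com. ( 2007082126 ; Serial Number
        10800 3600 604800 86400 ) ; Minimum TTL of 1 day
    IN NS ns1.example.com.
20 IN PTR server1.example.com.
20 IN PTR server2.example.com."""
FORWARD_ZONE = """$TTL 3D
@ IN SOA ns1.example.com. root.example.com. ( 2007111668 28800 7200 2419200 86400 )
    IN NS ns1.example.com.
ns1 IN A 192.168.1.3
server1 IN A 192.168.1.20"""
```

Running `audit(REVERSE_ZONE, "1.168.192.in-addr.arpa.", FORWARD_ZONE, "example.com.")` reports server2.example.com. as missing an A record and 20.1.168.192.in-addr.arpa. as carrying two PTRs, the two points the answer raises.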