Going crazy here. This is a super simple bind setup which can reverse lookup but not resolve the IP of a name.
These are my (ridiculously) simple config files:
root@dns:/etc/bind/zones# cat db.192.168.1
;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA dns.mycompany.com. admin.mycompany.com. (
3 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
; name servers - NS records
IN NS dns.mycompany.com.
; PTR Records
20 IN PTR dns.mycompany.com. ; 192.168.1.20
149 IN PTR myharbor.mycompany.com. ; 192.168.1.149
root@dns:/etc/bind/zones# cat db.mycompany.com
$TTL 604800
@ IN SOA dns.mycompany.com. admin.mycompany.com. (
3 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
; name servers - NS records
IN NS dns.mycompany.com.
; A records
dns.mycompany.com. IN A 192.168.1.20
myharbor.mycompany.com. IN A 192.168.1.149
If I do a lookup of the IP it works just fine:
root@dns:/etc/bind/zones# nslookup 192.168.1.149
Server: 192.168.1.20
Address: 192.168.1.20#53
149.1.168.192.in-addr.arpa name = myharbor.mycompany.com.
However if I lookup the name... it fails:
root@dns:/etc/bind/zones# nslookup myharbor.mycompany.com
;; Got SERVFAIL reply from 192.168.1.20, trying next server
Server: 192.168.1.20
Address: 192.168.1.20#53
** server can't find myharbor.mycompany.com: SERVFAIL
I am sure it's something idiotic. Can I lend another pair of eyes here?
Thanks.
I figured it out in the end.
The culprit was in the /etc/bind/named.conf.local file.
zone "mycompany.com" {
type master;
file "/etc/bind/zones/db.mycompany.com"; # zone file path
};
zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/db.192.168.1"; # 10.128.0.0/16 subnet
};
There was a typo in the following line:
file "/etc/bind/zones/db.mycompany.com"; # zone file path
It originally read:
file "/etc/bind/zones/mycompany.com"; # zone file path
It just wouldn't be able to locate the file cause the path was typoed.
Phew!
Related
I'm setting up DNS with Bind9, but I couldn't resolve the reverse DNS.
This is my named.conf.local file:
zone "alice-abm.id" { type master; file "/etc/bind/db.alice-abm.id"; };
zone "190.193.116.in-addr.arpa" { type master; file "/etc/bind/db.190.193.116.in-addr.arpa"; };
This is my db.alice-abm.id file:
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA alice-abm.id. admin.alice-abm.id. (
2021112801 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns1.alice-abm.id.
@ IN NS ns2.alice-abm.id.
@ IN A 116.193.190.67
ns1 IN A 116.193.190.67
ns2 IN A 116.193.190.67
www IN CNAME @ ; Can also use alice-abm.id
And this is my db.190.193.116.in-addr.arpa file:
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA alice-abm.id. admin.alice-abm.id. (
20211128003 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
$ORIGIN 190.193.116.in-addr.arpa.
@ IN NS ns1.alice-abm.id.
@ IN NS ns2.alice-abm.id.
@ IN A 116.193.190.67
67 IN PTR alice-abm.id.
When I try to nslookup the IP Address:
$ nslookup 116.193.190.67
That returns errors:
** server can't find 67.190.193.116.in-addr.arpa: NXDOMAIN
Is there any mistake I made?
Please help, and thanks.
I would look at your logs, but the serial number is supposed to be unsigned 32bit, and 20211128003 far exceeds it. I think you mean 2021112803. The zone is probably not getting loaded.
Unless you have full control of that /24, I would make the zone 67.190.193.116.in-addr.arpa
When I run nsupdate to add PTR record "update add 1.1.10.10.in-addr.arpa. 86400 PTR test.example.com" , the 10.10.in-addr.arpa reverse zone prints that record as below which is what I would expect. 10.10.in-addr.arpa is a /16 zone so I have 2 octets in the host section (1.1).
$ORIGIN .
$TTL 3600 ; 1 hour
10.10.in-addr.arpa IN SOA ns1.example.com. admin.example.com. (
3 ; serial
3600 ; refresh (1 hour)
600 ; retry (10 minutes)
1209600 ; expire (2 weeks)
)
NS ns1.example.com.
$ORIGIN 10.10.in-addr.arpa.
1.1 PTR test.example.com.
However, if I run nsupdate with an additional PTR record, "update add 2.1.10.10.in-addr.arpa. 86400 PTR test2.example.com" ,then the 10.10.in-addr.arpa zone file is reformatted to a /24 zone with only 1 octet in the host section. Like this:
$ORIGIN .
$TTL 3600 ; 1 hour
10.10.in-addr.arpa IN SOA ns1.example.com. admin.example.com. (
4 ; serial
3600 ; refresh (1 hour)
600 ; retry (10 minutes)
1209600 ; expire (2 weeks)
3600 ; minimum (1 hour)
)
NS ns1.example.com.
$ORIGIN 1.10.10.in-addr.arpa.
1 PTR test.example.com.
2 PTR test2.example.com.
If I manually add the same PTR records to the zone files then the 10.10.in-addr.arpa reverse zone remains as expected with 2 octets in the host section.
So the issue is related to nsupdate and how it formats the zone files
What I would like to know is:
Is this nsupdate formatting of reverse zone files expected?
If yes, is there a way to manipulate the entry so that it maintains the format based on the number of octets in the reverse zone as shown in the test.example.com example?
I am getting the following error, been trying to track it down with no luck. Any ideas?
Error in named configuration:
dns_rdata_fromtext: acme8.lcl.zone:2: near eol: unexpected end of input
acme8.lcl.zone:3: unknown RR type '3600'
zone acme8.lcl/IN: loading from master file acme8.lcl.zone failed: unexpected end of input
zone acme8.lcl/IN: not loaded due to errors.
_default/acme8.lcl/IN: unexpected end of input
And this is the acme8.lcl file
$TTL 86400
@ IN SOA ns1.acme8.lcl.
root.acme8.lcl. (
2013042201 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
;
IN NS ns1.acme.lcl.
;
ns1 IN A 10.20.107.11
;
I found it, This:
@ IN SOA ns1.acme8.lcl.
root.acme8.lcl. (
Should be this:
@ IN SOA ns1.acme8.lcl. root.acme8.lcl. (
I have a reverse DNS server setup with Bind.
This is what my zone file looks like,
[root@PCPDNS01 named]# cat 127.195.203.arpa
@ IN SOA ns1.premier.com.au. root.bpoint.com.au. (
20140530 ;serial
14400 ;refresh
3600 ;retry
604800 ;expire
10800 ;minimum
)
127.195.203.in-addr.arpa. IN NS ns1.premier.com.au.
127.195.203.in-addr.arpa. IN NS ns2.premier.com.au.
35 IN PTR smtp2.bpoint.com.au
17 IN PTR smtp2.bpoint.com.au
130 IN PTR mail.greenpowered.com.au
[root@PCPDNS01 named]#
When I do a reverse DNS check on http://www.dnsinspect.com/
I get the following,
However, I don't want to have 127.195.203.in-addr.arpa in there. How do I resolve this?
Many thanks,
--Archie
[root@PCPDNS01 named]# cat 127.195.203.arpa
@ IN SOA ns1.premier.com.au. root.bpoint.com.au. (
20140530 ;serial
14400 ;refresh
3600 ;retry
604800 ;expire
10800 ;minimum
)
IN NS ns1.premier.com.au.
IN NS ns2.premier.com.au.
35 IN PTR smtp2.bpoint.com.au.
17 IN PTR smtp2.bpoint.com.au.
130 IN PTR mail.greenpowered.com.au
Above configuration fixed this issue.
a "." at the end of the ns1.premier.com.au
:)
I've set up a DNS server on a VM. When I'm using host with an IP address, it works well (101.48.168.192.in-addr.arpa domain name pointer s1.home.lan.), but when I try to get a domain's IP (e.g. host s1.home.lan), I get Host s1.home.lan not found: 2(SERVFAIL). What has been configured wrong?
Config files:
named.conf.local:
zone "home.lan" {
type master;
file "/etc/bind/zones/home.lan.db";
};
zone "48.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.48.168.192.in-addr.arpa";
};
home.lan.db:
$ORIGIN .
$TTL 3600
home.lan. IN SOA ubuntu.home.lan. hostmaster.home.lan (
2002010101 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)
home.lan. IN NS ubuntu.home.lan.
home.lan. IN MX 10 ubuntu.home.lan.
$ORIGIN home.lan.
localhost IN A 127.0.0.1
s1 IN A 192.168.48.101
s2 IN A 192.168.48.102
s3 IN A 192.168.48.103
rev.48.168.192.in-addr.arpa:
@ IN SOA ubuntu.home.lan. hostmaster.home.lan. (
2002010101 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)
IN NS ubuntu.home.lan.
101 IN PTR s1.home.lan.
102 IN PTR s2.home.lan.
103 IN PTR s3.home.lan.
You're defining zone home.lan, specify hosts ubuntu.home.lan as MX and NS, but have no A record for ubuntu.home.lan in your home.lan zone.
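Three of the answers above each name a zone-file mistake: an SOA serial above the unsigned 32-bit range, a record target missing its trailing dot, and an in-zone NS host with no address record. The following Python linter is an added example, not code from any of the posts; it checks a zone for all three. The function names and the sample zone are constructed, and the parser assumes the simple record layout used on this page (owner in column 0, continuation lines indented, no quoted strings).

```python
import re
TYPES = {"SOA", "NS", "A", "AAAA", "PTR", "MX", "CNAME"}

def absolute(name, origin):
    name = origin if name == "@" else name          # "@" stands for the origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(text, origin):  # yields (owner, type, rdata tokens, origin in effect)
    text = re.sub(r";[^\n]*", "", text)             # drop comments
    text = re.sub(r"\(([^)]*)\)",                   # join "( ... )" onto one line
                  lambda m: m.group(1).replace("\n", " "), text)
    owner = origin
    for line in text.splitlines():
        tok = line.split()
        if tok and tok[0].upper() == "$ORIGIN":
            origin = absolute(tok[1], origin)
        if not tok or tok[0].startswith("$"):
            continue
        if not line[0].isspace():                   # name in column 0 = new owner
            owner = absolute(tok.pop(0), origin)
        while tok and tok[0].upper() not in TYPES:  # skip TTL and class
            tok.pop(0)
        if tok:
            yield owner, tok[0].upper(), tok[1:], origin

def lint_zone(text, apex):  # returns a list of (finding, detail) tuples
    apex = apex.rstrip(".").lower() + "."
    findings, has_addr, ns_targets = [], set(), []
    for owner, rtype, rdata, origin in records(text, apex):
        if rtype in ("A", "AAAA"):
            has_addr.add(owner.lower())
        elif rtype == "SOA" and int(rdata[2]) > 2**32 - 1:
            findings.append(("serial-overflow", rdata[2]))
        elif rtype in ("NS", "PTR", "CNAME", "MX"):
            target = absolute(rdata[-1], origin).lower()
            if "." in rdata[-1] and not rdata[-1].endswith("."):  # heuristic
                findings.append(("missing-trailing-dot", target))
            if rtype == "NS":
                ns_targets.append(target)
    findings += [("ns-without-address", t) for t in ns_targets
                 if (t == apex or t.endswith("." + apex)) and t not in has_addr]
    return findings

SAMPLE = """$TTL 3600
@    IN SOA ns1.example.test. admin.example.test. (
         20211128003 3600 600 604800 3600 )  ; serial is the first field
     IN NS    ns1.example.test.
www  IN CNAME web.example.test
"""  # constructed zone for example.test, not taken from the page
```

The `missing-trailing-dot` detail is the name the server would actually publish, which makes the mistake visible: the origin is appended to any target that lacks the final dot.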