
#1 2009-01-15 23:44:39

kingdord
Member
Registered: 2009-01-15
Posts: 3

BIND Reverse Lookup issue

I've followed the great guide @ the wiki for BIND, as well as taking some information for reverse lookup from this site http://wiki.genunix.org/wiki/index.php/ … me_Network. My goal is to set up DNS for my home network. Forward lookup (i.e. host www.54w8.net) works great. However, reverse lookup on my network is not working.

Reverse lookup on 127.0.0.1 works.

host 127.0.0.1
Host 1.0.0.127.in-addr.arpa domain name pointer localhost.

Reverse lookup on 192.168.1.6 (current intranet web server) does not.

host 192.168.1.6
Host 6.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN)

dig 192.168.1.6 PTR

; <<>> DiG 9.5.0-P2 <<>> 192.168.1.6 PTR
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47068
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;192.168.1.6.                   IN      PTR

;; AUTHORITY SECTION:
.                       10800   IN      SOA     A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2009011501 1800 900 604800 86400

;; Query time: 30 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 15 18:33:43 2009
;; MSG SIZE  rcvd: 104

(not sure why it comes back having queried the root server)

Here are my named.conf and zone files.
/etc/named.conf

options {
        directory "/var/named";
        pid-file "/var/run/named/named.pid";
        auth-nxdomain yes;                  
        datasize default;                   
// Uncomment these to enable IPv6 connections support
// IPv4 will still work:                             
//      listen-on-v6 { any; };                       
// Add this for no IPv4:                             
//      listen-on { none; };                         
        listen-on { 127.0.0.1; };                    
        listen-on { 192.168.1.8;};                   
        // Default security settings.
        allow-recursion { 127.0.0.1; };
        allow-transfer { none; };
        allow-update { none; };
        version none;
        hostname none;
        server-id none;
};

zone "localhost" IN {
        type master; 
        file "localhost.zone";
        allow-transfer { any; };
};                              

zone "0.0.127.in-addr.arpa" IN {
        type master;            
        file "127.0.0.zone";    
        allow-transfer { any; };
};                              

zone "." IN {
        type forward;
        forwarders { 
                65.24.7.10;
                65.24.7.11;
        };                 
        //type hint;       
        //file "root.hint";
};                         

zone "54w8.net" IN {
        type master;
        file "pri/54w8.net.zone";
        allow-update { none; };  
        notify no;               
        allow-query{192.168.1.0/24;
                        127.0.0.1;};
};                                  

zone "1.168.192.in-addr.arpa" IN {
        type master;              
        file "pri/192.168.1.zone";
        allow-query {192.168.1.0/24;
                        127.0.0.1;};
};

/var/named/pri/54w8.net.zone

$TTL 7200
; 54w8.net
@       IN      SOA     ns01.54w8.net. hostmaster.54w8.net. (
                                        2009011501      ; Serial
                                        28800           ; Refresh
                                        1800            ; Retry
                                        604800          ; Expire - 1 week
                                        86400 )         ; Minimum
;       NAME SERVERS
                IN      NS      ns01.54w8.net.

;       INDIVIDUAL SERVERS
localhost       IN      A       127.0.0.1
naked           IN      A       192.168.1.5     ; House-Main
otacon          IN      A       192.168.1.8     ; Dord-Main
mk-III          IN      A       192.168.1.6     ; Dord-Secondary
ocelot          IN      A       192.168.1.3     ; Luke-Main
solidus         IN      A       192.168.1.7     ; Blurn-Main
router          IN      A       192.168.1.1     ; Router
wii             IN      A       192.168.1.9     ; WII
ns01            IN      CNAME   otacon
www             IN      CNAME   mk-III

/var/named/pri/192.168.1.zone

$ORIGIN 1.168.192.in-addr-arpa.
$TTL 7200
@               IN      SOA     otacon.54w8.net. hostmaster.54w8.net. (
                                                2009011504      ; Serial #
                                                28800           ; Refresh
                                                1800            ; Retry
                                                604800          ; Expire
                                                86400 )         ; Minimum

@               IN      NS      otacon.54w8.net.

1               IN      PTR     router.54w8.net.
3               IN      PTR     ocelot.54w8.net.
5               IN      PTR     naked.54w8.net.
6               IN      PTR     mk-III.54w8.net.
7               IN      PTR     solidus.54w8.net.
8               IN      PTR     otacon.54w8.net.
9               IN      PTR     wii.54w8.net.

My named logs are empty so I have no idea what is going wrong.  Any insight on typos or my misunderstandings of BIND configuration or general networking would be appreciated.

Offline

#2 2009-01-16 01:11:18

brebs
Member
Registered: 2007-04-03
Posts: 3,742

Re: BIND Reverse Lookup issue

192.168.blah.blah is a private network, as opposed to the usual addresses. There are probably a million PCs worldwide, all having 192.168.0.1, for example.

Poorly configured private networks often attempt reverse DNS lookups for these addresses, putting extra load on the Internet's root nameservers.

Last edited by brebs (2009-01-16 01:11:42)

Offline

#3 2009-01-16 03:07:06

kingdord
Member
Registered: 2009-01-15
Posts: 3

Re: BIND Reverse Lookup issue

I understand that 192.168.x.x is a private network; however, I'm asking how my configuration is not "proper" for reverse DNS lookups on my private network DNS. I've checked and re-checked for typos, and according to every source I've found, by setting up an appropriate in-addr.arpa zone (in this case 1.168.192.in-addr.arpa) in my named.conf with a zone file containing PTR records, my network should be properly configured for a reverse DNS lookup on my private network. If it is impossible to perform a reverse DNS lookup on my private network, then please help me understand.

Offline

#4 2009-01-16 03:24:18

fukawi2
Ex-Administratorino
From: .vic.au
Registered: 2007-09-28
Posts: 6,222
Website

Re: BIND Reverse Lookup issue

Here's my REV.31.168.192 file... The only differences I can see are that I have the NS record using different syntax, and the ORIGIN line in a different place. (FTR, mine works)...

$TTL 7200
@       IN SOA  dns.fukawi2.local. root.fukawi2.nodns.net. (
                                2009010401      ; serial
                                6H              ; refresh
                                30M             ; retry
                                2W              ; expire
                                1D              ; minimum
                                )
                                NS      dns.fukawi2.local.
;$ORIGIN 31.168.192.in-addr.arpa.
1       PTR     network-box.fukawi2.local.
3       PTR     kangaroo.fukawi2.local.
5       PTR     hp-photosmart.fukawi2.local.
6       PTR     hp-businessjet.fukawi2.local.
7       PTR     wap-shed.fukawi2.local.
8       PTR     wap-house.fukawi2.local.
9       PTR     switch.fukawi2.local.
etc etc etc etc

Perhaps adding some logging config to named.conf might help you:

logging {
        channel default_syslog {
                syslog local2;
                severity info;
        };
        category queries  { default_syslog; };
        category config   { default_syslog; };
        category security { default_syslog; };
        category xfer-in { default_syslog; };
        category xfer-out { default_syslog; };
        category notify { default_syslog; };
        category lame-servers {null; };
        category edns-disabled { null; };
};

Last edited by fukawi2 (2009-01-16 03:24:50)

Offline

#5 2009-01-16 04:18:45

kingdord
Member
Registered: 2009-01-15
Posts: 3

Re: BIND Reverse Lookup issue

Thank you.  Apparently placing the $ORIGIN line after the SOA entry, but before the other records has fixed the problem.

Offline
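
Added example, not part of any post in this thread: a Python check that completes relative owner names with the current `$ORIGIN`, as happens when a zone file is read, and then looks for a PTR record at the name `host` actually queries. The sample zone text is constructed from post #1, whose `$ORIGIN` reads `1.168.192.in-addr-arpa.` while named.conf declares `1.168.192.in-addr.arpa`; `FIXED` is an assumed corrected spelling, the function names are hypothetical, and only single-line PTR records with an explicit owner are handled.

```python
import ipaddress

def reverse_name(ip):
    """FQDN a resolver queries for the PTR of `ip` (what `host` and `dig -x` build)."""
    return ipaddress.ip_address(ip).reverse_pointer.lower() + "."

def ptr_records(zone_name, zone_text):
    """Map fully qualified owner -> target for PTR lines, honouring $ORIGIN."""
    origin = zone_name.rstrip(".").lower() + "."   # initial origin is the zone name
    records = {}
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]                # drop zone-file comments
        fields = line.split()
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
            new = fields[1].lower()
            origin = new if new.endswith(".") else new + "." + origin
        elif "PTR" in (f.upper() for f in fields[1:-1]) and not line[0].isspace():
            owner = fields[0].lower()
            if owner == "@":
                owner = origin
            elif not owner.endswith("."):
                owner = owner + "." + origin       # relative name: append origin
            records[owner] = fields[-1]
    return records

def out_of_zone(zone_name, records):
    """Owners that do not fall under the zone declared in named.conf."""
    apex = zone_name.rstrip(".").lower() + "."
    return sorted(o for o in records if o != apex and not o.endswith("." + apex))

def resolve_ptr(ip, zone_name, zone_text):
    """PTR target stored at the queried name, or None (the NXDOMAIN case)."""
    return ptr_records(zone_name, zone_text).get(reverse_name(ip))

# Constructed sample: abbreviated copy of the reverse zone from post #1.
ZONE = "1.168.192.in-addr.arpa"
POSTED = """\
$ORIGIN 1.168.192.in-addr-arpa.
$TTL 7200
6               IN      PTR     mk-III.54w8.net.
8               IN      PTR     otacon.54w8.net.
"""
FIXED = POSTED.replace("in-addr-arpa", "in-addr.arpa")  # assumed correction

if __name__ == "__main__":
    for label, text in (("posted", POSTED), ("fixed", FIXED)):
        print(label, resolve_ptr("192.168.1.6", ZONE, text),
              out_of_zone(ZONE, ptr_records(ZONE, text)))
```

BIND ships `named-checkzone`, which takes the zone name and the zone file as arguments and performs the full version of this check against the real parser.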
