Answer the question
In order to leave comments, you need to log in
I
I
Ivan Semenov2018-12-14 17:58:10
Ivan Semenov, 2018-12-14 17:58:10
Where is the error in configuring the reverse DNS zone?
Good morning/afternoon/evening!
There are two DNS servers:
- Server 1 ip 195.54.13.65 - master zone for the entire university;
- Server 2 ip 195.54.13.88 - slave zone for the whole university.
We have internal networks for managing network equipment and for servers, they have their own direct and reverse zones, but in the reverse order:
- Server 1 ip 195.54.13.65 - slave for the servers and control zones, as well as master for the reverse zones 53.168.192.in-addr.arpa and 0.110.10.in-addr.arpa;
- Server 2 ip 195.54.13.88 - master for servers and control zones, as well as slave for reverse zones 53.168.192.in-addr.arpa and 0.110.10.in-addr.arpa.
Zones:
- control for network equipment;
- servers for servers.
Recently there was a need to add a new zone for wifi hotspots. I set up everything by analogy with the servers and control zones.
Server 2 ip 195.54.13.88
namedb.conf
zone "wifi" {
type master;
allow-query { internal_networks; };
file "master/wifi";
also-notify { 195.54.13.65; };
};/etc/namedb/master/wifi
$ORIGIN .
$TTL 86400 ; 1 day
wifi IN SOA ns.wifi. root.csu.ru. (
2018121402 ; serial
86400 ; refresh (1 day)
7200 ; retry (2 hours)
8640000 ; expire (14 weeks 2 days)
86400 ; minimum (1 day)
)
NS ns.wifi
A 10.38.0.5
$ORIGIN wifi.
ap-m002 A 10.38.0.2
ap-m003 A 10.38.0.3
ap-m004 A 10.38.0.4
ns A 10.38.0.5Server 1 ip 195.54.13.65
/etc/namedb/universal.conf
zone "wifi" {
type slave;
allow-query { wifi_ap_networks; };
file "/etc/namedb/slave/wifi";
masters { 195.54.13.88; };
};Response when checking wifi zone on Server 2 ip 195.54.13.88:
# named-checkzone wifi /etc/namedb/master/wifi
zone wifi/IN: loaded serial 2018121402
OKNow let's move on to the reverse zone.
Server 1 ip 195.54.13.65
/etc/namedb/universal.conf
zone "0.38.10.IN-ADDR.ARPA" {
allow-query { wifi_ap_networks; };
type master;
file "/etc/namedb/master/10.38.0";
also-notify { 195.54.2.1; };
};/etc/namedb/slave/10.38.0
$TTL 86400 ; 1 week
@ IN SOA ns.csu.ru. root.csu.ru. (
2018121403 ; Serial
3600 ; Refresh (1 hour)
600 ; Retry (10 minutes)
86400 ; Expire (1 day)
3600 ; Minimum (1 hour)
)
IN NS ns.csu.ru.
IN NS ns1.csu.ru.
$ORIGIN 0.38.10.IN-ADDR.ARPA.
2 IN PTR ap-m002.wifi.
3 IN PTR ap-m003.wifi.
4 IN PTR ap-m004.wifi.
5 IN PTR ns.wifi.Server 2 ip 195.54.13.88
namedb.conf
zone "0.38.10.in-addr.arpa" {
type slave;
allow-query { internal_networks; };
file "/etc/namedb/slave/10.38.0";
masters { 195.54.13.65; };
};Response when checking wifi zone on Server 1 ip 195.54.13.65:
#named-checkzone 10.38.0 /etc/namedb/master/10.38.0
/etc/namedb/master/10.38.0:14: ignoring out-of-zone data (2.0.38.10.IN-ADDR.ARPA)
/etc/namedb/master/10.38.0:15: ignoring out-of-zone data (3.0.38.10.IN-ADDR.ARPA)
/etc/namedb/master/10.38.0:16: ignoring out-of-zone data (4.0.38.10.IN-ADDR.ARPA)
/etc/namedb/master/10.38.0:17: ignoring out-of-zone data (5.0.38.10.IN-ADDR.ARPA)
zone 10.38.0/IN: loaded serial 2018121402
OKVarious responses to the nslookup command on a computer:
# nslookup 10.38.0.2
Server: 195.54.13.65
Address: 195.54.13.65#53
** server can't find 2.0.38.10.in-addr.arpa: REFUSED
# nslookup 10.38.0.2 195.54.13.88
Server: 195.54.13.88
Address: 195.54.13.88#53
2.0.38.10.in-addr.arpa name = ap-m002.wifi.
# nslookup ap-m002.wifi
Server: 195.54.13.65
Address: 195.54.13.65#53
** server can't find ap-m002.wifi: NXDOMAIN
# nslookup ap-m002.wifi 195.54.13.88
Server: 195.54.13.88
Address: 195.54.13.88#53
Name: ap-m002.wifi
Address: 10.38.0.2Actually a question - why the return zone does not work?
1 answer(s)
@garison2004
G
garison2004, 2018-12-15 @garison2004
Each time you change the zone files, you need to change the serial, I increase by +1, the comparison of the zones of the slave and the master goes according to Serial.
2018121403 ; Serial
Master works correctly
Similar questions
A
S
M
N
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question