Bind and reverse subdomains
lin.kh at wicam.com.kh
Mon Aug 4 23:03:19 UTC 2008
Hi all,

First, please bear with me; I know this is not the place to ask about
BIND, but I'm hoping that someone out there could help me. Also, sorry
for the lengthy post, but most of it is to explain my scenario. And I
believe the answer to my question will be very short.

Basically, I tried to delegate a reverse sub-domain (a subnet smaller than
/24). I could query a PTR record from the parent server but I could not
from the child server where all the configuration of the sub-domain
belongs.
Here is the detail:
I have my home network connected to my office network with a registered
domain (office.net, for example) with the scenario below. On the Office
DNS server (ns1.office.net), I would like to delegate both the forward
sub-domain home.office.net and reverse one 192.168.9.32/28 to the Home DNS
server (ns1.home.office.net).
My problem is that, on the Home server, I could not do this query:
$ host 192.168.9.33
Host 33.9.168.192.in-addr.arpa not found: 3(NXDOMAIN)
While from the Office server, i can:
$ host 192.168.9.33
33.9.168.192.in-addr.arpa is an alias for 33.32-39.9.168.192.in-addr.arpa.
33.32-39.9.168.192.in-addr.arpa domain name pointer ns1.home.kis.net.kh.
What could be the cause of the problem? I might miss a transition somewhere
between the office parent zone and the home child zone. But I just don't
know. Everything else seems to work fine (the sub-domain forward zones are
ok).

I've been following the O'Reilly book "DNS & BIND", 5th edition, which
is a great book I found; but the part on the reverse sub-domain is a bit
too tricky for me.

Could someone please help me out?
Here is the scenario:
Office Network:
===============
Domain: office.net (not real, used as example here only)
IP subnet : 192.168.9.0/24 (not real, used as example here only)
DNS Server: ns1.office.net (IP:192.168.9.1)
Home Network:
==============
Domain: home.office.net
IP Subnet : 192.168.9.32/28
DNS Server: ns1.home.office.net (IP:192.168.9.33)
On both of the DNS servers, I'm running BIND on Fedora 9.

The configuration files on the Office server (ns1.office.net) look as below:
1. /etc/resolv.conf
=== Beginning of file ===
search office.net
nameserver 192.168.9.1
nameserver 192.168.9.2
=== End of file ===
2. /var/named/chroot/etc/named.conf
(I'm using bind-chroot here with ROOTDIR=/var/named/chroot set in
/etc/sysconfig/named)
=== Beginning of file ===
options {
        listen-on port 53 { 127.0.0.1; 192.168.9.1;};
        // listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { trusted;};
        recursion yes;
};
acl trusted {127.0.0.1; 192.168.9.0/24;};
include "/etc/named.rfc1912.zones";
zone "office.net" IN {
        type master;
        file "office.zone";
};
zone "9.168.192.in-addr.arpa" IN {
        type master;
        file "9.168.192.zone";
};
=== End of file===
3. /var/named/chroot/var/named/office.zone
=== Beginning of file ===
$TTL 1D
@         IN SOA  ns1.office.net. root.office.net. (
                  08080201 ; serial
                  1D       ; refresh
                  1H       ; retry
                  1W       ; expire
                  3H )     ; minimum
          NS      ns1.office.net.
          NS      ns2.office.net.
          MX      10 mail1.office.net.
          MX      20 mail2.office.net.
          A       192.168.9.12
ns1       IN A    192.168.9.1
ns2       IN A    192.168.9.2
mail1     IN A    192.168.9.11
mail2     IN A    192.168.9.12
www       IN CNAME mail2
;; Glue records for home.office.net
home      IN NS   ns1.home
ns1.home  IN A    192.168.9.33
=== End of file ===
4. /var/named/chroot/var/named/9.168.192.zone:
=== Beginning of file ===
$TTL 1D
@         IN SOA  ns1.office.net. root.office.net. (
                  08080203 ; serial
                  1D       ; refresh
                  1H       ; retry
                  1W       ; expire
                  3H )     ; minimum
          NS      ns1.office.net.
          NS      ns2.office.net.
1         IN PTR  ns1.office.net.
2         IN PTR  ns2.office.net.
11        IN PTR  mail1.office.net.
12        IN PTR  mail2.office.net.
$GENERATE 33-39 $ CNAME $.32-39
32-39     IN NS   ns1.home.office.net.
=== End of file ===
And finally, the configuration files on the Home server
(ns1.home.office.net) look as below:
1. /etc/resolv.conf
#=== Beginning of file ===
search home.office.net
nameserver 192.168.9.33
#=== End of file ===
2. /var/named/chroot/etc/named.conf
//=== Beginning of file ===
options {
        listen-on port 53 { 127.0.0.1; 192.168.9.33;};
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source port 53;
        query-source-v6 port 53;
        allow-query { localhost; 192.168.9.32/28;};
        // forward first;
        // forwarders {192.168.9.5;};
};
include "/etc/named.rfc1912.zones";
zone "home.kis.net.kh" IN {
        type master;
        file "home.zone";
};
zone "32-39.9.168.192.in-addr.arpa" IN {
        type master;
        file "32-39.9.168.192.zone";
};
//=== End of file ===
3. /var/named/chroot/var/named/home.zone
;=== Beginning of file ===
$TTL 86400
@         IN SOA  ns1.home.office.net. root.home.office.net. (
                  08080501 ; Serial
                  28800    ; Refresh
                  14400    ; Retry
                  3600000  ; Expire
                  86400 )  ; Minimum
          IN NS   ns1.home.office.net.
          IN MX   10 mail.home.office.net.
ns1       IN A    192.168.9.33
mail      IN A    192.168.9.35
;=== End of file ===
4. /var/named/chroot/var/named/32-39.9.168.192.zone
;=== Beginning of file ===
$TTL 86400
@         IN SOA  ns1.home.office.net. root.home.office.net. (
                  08080203 ; Serial
                  28800    ; Refresh
                  14400    ; Retry
                  3600000  ; Expire
                  86400 )  ; Minimum
          IN NS   ns1.home.office.net.
33        IN PTR  ns1.home.office.net.
35        IN PTR  mail.home.office.net.
;=== End of file ===

Thanks in advance for any ideas.
Best,
Khem
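
An added example, not part of the original post: a small Python check of the classless reverse delegation laid out in the message, using the parent origin, the $GENERATE line, the /28 and the Home zone names exactly as they appear above. The function names are made up for this example, and the zones pulled in by named.rfc1912.zones are not shown in the post, so they are left out.

```python
import ipaddress

def expand_generate(line, origin):
    """Expand '$GENERATE start-stop lhs type rhs' into (owner, type, target) tuples."""
    _, rng, lhs, rtype, rhs = line.split()
    start, stop = (int(n) for n in rng.split("-"))
    def fq(name):  # relative names get the zone origin appended
        return name if name.endswith(".") else f"{name}.{origin}"
    return [(fq(lhs.replace("$", str(i))), rtype, fq(rhs.replace("$", str(i))))
            for i in range(start, stop + 1)]

def enclosing_zone(name, zones):
    """Return the longest zone in `zones` that contains `name`, or None."""
    labels = name.rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:]) + "."
        if candidate in zones:
            return candidate
    return None

def audit(parent_origin, generate_line, child_zones, subnet):
    """Check every host address of `subnet` against parent CNAMEs and child zones."""
    cnames = {o: t for o, _, t in expand_generate(generate_line, parent_origin)}
    report = {"uncovered": [], "outside_child": [], "child_direct": {}}
    for host in ipaddress.ip_network(subnet).hosts():
        qname = host.reverse_pointer + "."
        target = cnames.get(qname)
        if target is None:
            report["uncovered"].append(str(host))       # parent has no CNAME for it
        elif enclosing_zone(target, child_zones) is None:
            report["outside_child"].append(str(host))   # CNAME points outside child
        # Which zone declared on the child contains the plain reverse name itself?
        report["child_direct"][str(host)] = enclosing_zone(qname, child_zones)
    return report

# Values copied from the post.
PARENT_ORIGIN = "9.168.192.in-addr.arpa."
GENERATE = "$GENERATE 33-39 $ CNAME $.32-39"
CHILD_ZONES = {"32-39.9.168.192.in-addr.arpa.", "home.kis.net.kh."}
REPORT = audit(PARENT_ORIGIN, GENERATE, CHILD_ZONES, "192.168.9.32/28")

if __name__ == "__main__":
    print("no CNAME in parent zone:", REPORT["uncovered"])
    print("CNAME target outside child zones:", REPORT["outside_child"])
    for ip, zone in REPORT["child_direct"].items():
        print(ip, "-> zone on Home server containing the plain name:", zone)
```

With the post's values, the range 33-39 leaves 192.168.9.40 to 192.168.9.46 of the /28 without a CNAME in the parent zone, and no zone declared in the Home named.conf contains the plain name 33.9.168.192.in-addr.arpa.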