Solved

Reverse DNS Bind

Posted on 2010-01-13
Medium Priority
504 Views
Last Modified: 2013-12-15
Hi experts, I need help setting up reverse DNS for a domain. I created the zone file:

$ttl 38400
domain.tld.      IN      SOA      ns1.domain.tld. web.domain.tld. (
                  1217619153
                  10800
                  3600
                  604800
                  38400 )
domain.tld.      IN      NS      ns1.domain.tld.
domain.tld.      IN      A      192.168.1.1
domain.tld.      IN      NS      ns2.domain.tld.
ns1.domain.tld.      IN      A      192.168.1.1
ns2.domain.tld.      IN      A      192.168.1.2
www.domain.tld.      IN      CNAME      domain.tld.

I updated named.conf

zone "domain.tld" {
      type master;
      file "/var/named/chroot/var/named/domain.tld.hosts";
      };

and now the DNS is working fine, but I want to create a reverse zone with PTR records and I have no clue how to do it. Could you give me a step-by-step example of how to configure it?

thanks
Question by:ricuff
22 Comments
 

Author Comment

by:ricuff
ID: 26301713
Could you give me step-by-step help configuring it? Thanks.
0
 
LVL 16

Expert Comment

by:Raheem05
ID: 26301756
OK, do you host your own DNS? I am assuming you do, judging by the IP address; please clarify.
0
 

Author Comment

by:ricuff
ID: 26301957
Yes, I host my DNS and I have a static IP address. Thanks.
0
 
LVL 16

Expert Comment

by:Raheem05
ID: 26301964
Is this a windows DNS on a windows box?
0
 

Author Comment

by:ricuff
ID: 26301974
Linux, on CentOS, with BIND.
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26301977
Hi, please modify your zone file as below:

The @ macro represents the zone name you've defined in your named.conf to refer to this zone, so you don't need to specify the name explicitly; just writing @ is enough. Then you don't need to specify the domain name explicitly if a record refers to the previous record's name, so I've deleted them. Another point is that you don't need to enter the FQDN if all server names are relative to your own domain, since they will be completed with the domain itself. I've removed those too, and for convenience I've put the NS records together and then the A record.

Please check these RFC's for DNS zones:

RFC1912
RFC2181
RFC2182
RFC2308
$ttl 7200     ; RFC 2308 states 1-3 hours
@         IN      SOA      ns1.domain.tld. web.domain.tld. (
                  2010011301   ; According to RFC 1912 YYYYMMDDnn
                  10800        ; RFC 1912 1200 - 43200 Seconds OK
                  3600         ; RFC 1912 120-7200 seconds OK
                  604800       ; RFC 1912 2-4W  should be at least: 1209600 Please modify
                  38400 )      ; RFC 2308 1-3 hours Please modify

                 IN      NS      ns1
                 IN      NS      ns2
                 IN      A       192.168.1.1
ns1              IN      A      192.168.1.1
ns2              IN      A      192.168.1.2
www              IN      CNAME      ns1


0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26302058
Your path is an absolute path. You won't be seeing the whole tree after you've chrooted. Don't you use the chrooted version of named? This is too dangerous!!! If you're not using it, just install the fileset:

yum install named-chroot.

To check what version of named you're using, use the command:

rpm -qa | grep bind


Cheers,
K.
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26302064
This is what your named.conf should look like:
acl localnet { x.x.x.x/y; };

options {
        version "12.2.5I";
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";

        allow-transfer { localnet;};

        allow-recursion { localnet; };
};

zone "." in {
        type hint;
        file "data/named.root";
};

// Assuming your IP segment is 10.20.30.x and the whole class C belongs to you

zone "30.20.10.in-addr.arpa" in {
        type master;
        file "data/named.loc";
};

zone "domain.tld" {
      type master;
      file "data/domain.tld.hosts";
};


zone "0.0.127.in-addr.arpa" in {
        type master;
        file "data/named.loc";
};


0
 

Author Comment

by:ricuff
ID: 26302068
OK, now should I save this as a zone file? If yes, should I save it in the normal zone file? And where do I see the PTR record?
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26302074
Oops, sorry, this should read:
zone "30.20.10.in-addr.arpa" in {
        type master;
        file "data/named.rev-10.20.30";
};


0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26302139
The contents should be something similar to the snippet below. Notice that this time the DNS servers are FQDNs. The SOA values are in accordance with the related RFCs.

And don't forget that:
- The first parameter in the SOA must be one of your name servers, since it is your domain origin.
- The second parameter is the address; only the first dot will be replaced with an "@", so the address in the code below will be interpreted as:

postmaster.domain.tld    postmaster@domain.tld

I don't know if you really have an email address like web@domain.tld (according to your SOA record) in your SMTP server; if not, replace it with something valid. Please check RFC 1912.

Cheers,
K.
$ttl 7200     
@         IN      SOA      ns1.domain.tld. postmaster.domain.tld. (
                  2010011301   ; Serial
                  10800        ; Refresh for secondaries
                  3600         ; Retry
                  1209600      ; Expire
                  7200 )       ; TTL

                 IN      NS      ns1.domain.tld.
                 IN      NS      ns2.domain.tld.

1                IN      PTR     ns1.domain.tld.
2                IN      PTR     ns2.domain.tld.


0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26302176
> ok now should I save this as zone file? if yes should I save it in the normal zone file? and where I see
> the PTR record?

The example in the note http://www.experts-exchange.com/OS/Linux/Q_25050670.html#a26302064 is the contents of your /var/named/chroot/etc/named.conf, not a zone file.

cheers,
K.
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26302192
> and where I see the PTR record?

You see it in the node ID  http://www.experts-exchange.com/OS/Linux/Q_25050670.html#a26302064
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26302199
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26302236
The zone file belongs to the address range:

10.20.30   = 30.20.10.in-addr.arpa

The record "1 PTR  ..." hence means: 10.20.30.1

I've used the 10.x.x.x segment for convenience. In your IP range it would be 192.168.1.1, and the zone record in your named.conf will be:

zone "1.168.192.in-addr.arpa" in {
        type master;
        file "data/named.rev-192.168.1";
};


So the @ macro for this zone will mean 1.168.192.in-addr.arpa. This is why we're using absolute names for the DNS servers; otherwise, if we just leave them as ns1 and ns2, they will be completed as:

ns1.1.168.192.in-addr.arpa which would be meaningless.

Cheers,
K.
0
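As an added example (not part of the thread, not code from any of the posters), the following Python script ties together two points made above: the RFC 1912 / RFC 2308 ranges for the SOA timers that the expert annotated in his first zone file, and the rule that a bare ns1 in the reverse zone gets the 1.168.192.in-addr.arpa origin appended. It parses the zone-file syntax used in the posts, lints the SOA timers, and cross-checks each A record in 192.168.1.0/24 against the PTR records. The two zone texts are copied from the posts; the function names, the numeric limits taken from those RFCs, and the 192.168.1.0/24 block are this example's own assumptions.

```python
"""Forward/reverse zone checker for the BIND zones in this thread: parses the
master-file subset the posts use, lints SOA timers against the RFC 1912 /
RFC 2308 ranges quoted there, and cross-checks A records against PTR records."""
import ipaddress
import re

# Sample input copied from the thread: the asker's forward zone and the expert's
# reverse zone for 192.168.1.0/24, whose origin is 1.168.192.in-addr.arpa.
FORWARD_ZONE = """\
$ttl 38400
domain.tld.      IN  SOA  ns1.domain.tld. web.domain.tld. (
                 1217619153 10800 3600 604800 38400 )
domain.tld.      IN  NS     ns1.domain.tld.
domain.tld.      IN  A      192.168.1.1
domain.tld.      IN  NS     ns2.domain.tld.
ns1.domain.tld.  IN  A      192.168.1.1
ns2.domain.tld.  IN  A      192.168.1.2
www.domain.tld.  IN  CNAME  domain.tld.
"""
REVERSE_ZONE = """\
$ttl 7200
@    IN  SOA  ns1.domain.tld. postmaster.domain.tld. (
         2010011301 ; Serial, RFC 1912 YYYYMMDDnn
         10800 3600 1209600 7200 ) ; Refresh Retry Expire Negative-cache TTL
     IN  NS   ns1.domain.tld.
     IN  NS   ns2.domain.tld.
1    IN  PTR  ns1.domain.tld.
2    IN  PTR  ns2.domain.tld.
"""

def parse_zone(text, origin):
    """Return (soa_timers, records) with names made absolute the way named does:
    '@' is the origin, a blank owner repeats the previous owner, and a name
    without a trailing dot gets the origin appended (so 'ns1' -> ns1.<origin>)."""
    origin = origin.rstrip('.') + '.'
    absolute = lambda n: origin if n == '@' else n if n.endswith('.') else f'{n}.{origin}'
    logical, buf, depth = [], '', 0
    for raw in text.splitlines():
        line = raw.split(';', 1)[0]                   # ';' starts a comment
        buf = f'{buf} {line}' if depth else line     # join a parenthesised SOA
        depth += line.count('(') - line.count(')')
        if depth == 0:
            logical.append(buf)
    timers, records, prev_owner = None, [], origin
    for line in logical:
        if not line.strip() or line.startswith('$'):  # skip blanks and $TTL
            continue
        fields = line.replace('(', ' ').replace(')', ' ').split()
        if line[0].isspace():                         # blank owner field
            owner = prev_owner
        else:
            owner = prev_owner = absolute(fields.pop(0))
        while fields[0] == 'IN' or fields[0].isdigit():  # optional class / TTL
            fields.pop(0)
        rtype, rdata = fields[0], fields[1:]
        if rtype == 'SOA':
            timers = dict(zip(('serial', 'refresh', 'retry', 'expire', 'minimum'), map(int, rdata[2:7])))
        is_name = rtype in ('SOA', 'NS', 'CNAME', 'PTR')
        records.append((owner, rtype, absolute(rdata[0]) if is_name else rdata[0]))
    return timers, records

def check_soa_timers(t):
    """Findings against the ranges the thread quotes (RFC 1912 s2.2, RFC 2308 s5)."""
    ranges = {'refresh': (1200, 43200), 'retry': (120, 7200),
              'expire': (1209600, 2419200), 'minimum': (3600, 10800)}
    out = [f'{k}={t[k]} outside {lo}-{hi}' for k, (lo, hi) in ranges.items()
           if not lo <= t[k] <= hi]
    if t['retry'] >= t['refresh']:
        out.append('retry should be smaller than refresh')
    if not re.fullmatch(r'(19|20)\d\d(0[1-9]|1[0-2])(0[1-9]|[12]\d|3[01])\d\d', str(t['serial'])):
        out.append(f"serial {t['serial']} is not YYYYMMDDnn")
    return out

def reverse_name(ip):
    """192.168.1.1 -> '1.1.168.192.in-addr.arpa.', the owner name of its PTR."""
    return ipaddress.ip_address(ip).reverse_pointer + '.'

def reverse_origin(network):
    """Reverse zone origin of an octet-aligned block: 192.168.1.0/24 -> 1.168.192.in-addr.arpa."""
    net = ipaddress.ip_network(network)
    octets = str(net.network_address).split('.')[: net.prefixlen // 8]
    return '.'.join(reversed(octets)) + '.in-addr.arpa'

def cross_check(forward, reverse, network):
    """Mismatches inside `network`: A records with no PTR back, PTRs with no A record back."""
    net = ipaddress.ip_network(network)
    a_names, ptr_targets = {}, {}
    for owner, rtype, rdata in forward:
        if rtype == 'A' and ipaddress.ip_address(rdata) in net:
            a_names.setdefault(rdata, set()).add(owner)
    for owner, rtype, rdata in reverse:
        if rtype == 'PTR':
            ptr_targets.setdefault(owner, set()).add(rdata)
    problems = [f'{ip}: no PTR pointing back at {sorted(names)}' for ip, names in a_names.items()
                if not ptr_targets.get(reverse_name(ip), set()) & names]
    for owner, targets in ptr_targets.items():
        ip = '.'.join(reversed(owner[:-len('.in-addr.arpa.')].split('.')))
        problems += [f'PTR {owner} -> {t} has no A record for {ip}'
                     for t in targets if t not in a_names.get(ip, set())]
    return problems
```

Calling check_soa_timers on the asker's original SOA reports the same three problems the expert flagged (expire too short, negative-cache TTL too long, serial not in YYYYMMDDnn form), the expert's reverse zone passes, and cross_check returns an empty list because every A record in 192.168.1.0/24 has a PTR pointing back at one of its names. Parsing a reverse zone written with a bare ns1 instead shows the ns1.1.168.192.in-addr.arpa. expansion, and cross_check then reports it as a PTR with no A record behind it.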
 

Author Comment

by:ricuff
ID: 26302278
OK, let me understand, please:

1) I modify the existing zone file and I add the @         IN      SOA      ns1.domain.tld. web.domain.tld.
instead of domain.tld.      IN      SOA      ns1.domain.tld. web.domain.tld. and save it

2) I add to named.conf
zone "30.20.10.in-addr.arpa" in {
        type master;
        file "data/named.rev-10.20.30";
};

3) I create a file with this content
$ttl 7200      
@         IN      SOA      ns1.domain.tld. postmaster.domain.tld. (
                  2010011301   ; Serial
                  10800        ; Refresh for secondaries
                  3600         ; Retry
                  1209600      ; Expire
                  7200 )       ; TTL
 
                 IN      NS      ns1.domain.tld.
                 IN      NS      ns2.domain.tld.
 
1                IN      PTR     ns1.domain.tld.
2                IN      PTR     ns2.domain.tld.


And where should I save it, and under what name?
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 2000 total points
ID: 26302376
> and where I should save it and what name?

You've already answered this:

2) I add to named.conf
zone "30.20.10.in-addr.arpa" in {
        type master;
        file "data/named.rev-10.20.30";
};

So it will be saved in the file called named.rev-10.20.30. The path will be

/var/named/chroot/var/named/data and the file must be saved under this path, provided you have:

options {

        directory "/var/named";

};

in your named.conf. As you see, it is relative to the chroot directory, which is /var/named/chroot. If you don't have the options statement it will expect the file to be under:

/var/named/chroot/data, which is a strange place, so I'll strongly recommend you to include the options and ACL part in your named.conf too.

Cheers,
K.

0
 

Author Comment

by:ricuff
ID: 26302398
OK, thanks. I am going to try it; please give me a few hours to finish and I'll let you know. Thanks.
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26302466
OK, just take your time and let me know if I could be of further help.

cheers,
k.
0
 

Author Comment

by:ricuff
ID: 26321567
Thanks, great, it is working.
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 26327553
You're welcome.
0

Question has a verified solution.