Unable to configure reverse DNS on my server
Shadow Hawkins on Friday, 08 May 2015 06:35:58
Hi. I'm trying to configure my ISPConfig BIND9 server to act as reverse DNS for my zone.
In Sixxs subnet configuration I added "ispconfig.domain.com." as NS for my zone.
Then in my control panel I created a new zone 1.2.3.4.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa.
(1.2.3,4 is fake) with NS "ispconfig.domain.com." and my email address.
2001:1418:100:4321::172 is my ispconfig.domain.com.
Then I added two reverse dns hosts, but when I try a resolution:
root@ispconfig:/etc/bind# dig +trace 2.7.1.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.3.4.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. @8.8.4.4
; <<>> DiG 9.8.1-P1 <<>> +trace 2.7.1.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.3.4.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. @8.8.4.4
;; global options: +cmd
. 2446 IN NS c.root-servers.net.
. 2446 IN NS a.root-servers.net.
. 2446 IN NS h.root-servers.net.
. 2446 IN NS k.root-servers.net.
. 2446 IN NS g.root-servers.net.
. 2446 IN NS d.root-servers.net.
. 2446 IN NS f.root-servers.net.
. 2446 IN NS j.root-servers.net.
. 2446 IN NS f.root-servers.net.
. 2446 IN NS j.root-servers.net.
. 2446 IN NS m.root-servers.net.
. 2446 IN NS e.root-servers.net.
. 2446 IN NS b.root-servers.net.
. 2446 IN NS l.root-servers.net.
. 2446 IN NS i.root-servers.net.
;; Received 228 bytes from 8.8.4.4#53(8.8.4.4) in 448 ms
ip6.arpa. 172800 IN NS a.ip6-servers.arpa.
ip6.arpa. 172800 IN NS b.ip6-servers.arpa.
ip6.arpa. 172800 IN NS c.ip6-servers.arpa.
ip6.arpa. 172800 IN NS d.ip6-servers.arpa.
ip6.arpa. 172800 IN NS e.ip6-servers.arpa.
ip6.arpa. 172800 IN NS f.ip6-servers.arpa.
;; Received 462 bytes from 193.0.14.129#53(193.0.14.129) in 127 ms
4.1.1.0.0.2.ip6.arpa. 86400 IN NS ns3.nic.fr.
4.1.1.0.0.2.ip6.arpa. 86400 IN NS pri.authdns.ripe.net.
4.1.1.0.0.2.ip6.arpa. 86400 IN NS sec1.apnic.net.
4.1.1.0.0.2.ip6.arpa. 86400 IN NS sec3.apnic.net.
4.1.1.0.0.2.ip6.arpa. 86400 IN NS sns-pb.isc.org.
4.1.1.0.0.2.ip6.arpa. 86400 IN NS tinnie.arin.net.
;; Received 246 bytes from 2001:43f8:110::11#53(2001:43f8:110::11) in 318 ms
8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS ns.mil.itgate.net.
8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS ns.trn.itgate.net.
8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS ns-v6.ripe.net.
;; Received 211 bytes from 2001:500:13::c7d4:35#53(2001:500:13::c7d4:35) in 149 ms
1.0.8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS ns1.sixxs.net.
1.0.8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS ns3.sixxs.net.
1.0.8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS ns2.sixxs.net.
;; Received 153 bytes from 212.110.33.254#53(212.110.33.254) in 37 ms
1.2.3.4.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. 14400 IN NS ispconfig.domain.com.
;; Received 120 bytes from 2001:960:800::2#53(2001:960:800::2) in 64 ms
. 3600000 IN NS F.ROOT-SERVERS.NET.
. 3600000 IN NS C.ROOT-SERVERS.NET.
. 3600000 IN NS I.ROOT-SERVERS.NET.
. 3600000 IN NS G.ROOT-SERVERS.NET.
. 3600000 IN NS B.ROOT-SERVERS.NET.
. 3600000 IN NS M.ROOT-SERVERS.NET.
. 3600000 IN NS K.ROOT-SERVERS.NET.
. 3600000 IN NS E.ROOT-SERVERS.NET.
. 3600000 IN NS J.ROOT-SERVERS.NET.
. 3600000 IN NS A.ROOT-SERVERS.NET.
. 3600000 IN NS H.ROOT-SERVERS.NET.
. 3600000 IN NS D.ROOT-SERVERS.NET.
. 3600000 IN NS L.ROOT-SERVERS.NET.
;; BAD REFERRAL
;; Received 301 bytes from 2001:1418:100:4321::172#53(2001:1418:100:4321::172) in 1 ms
this is my zone file:
# cat pri.1.2.3.4.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa.err
$TTL 3600
@ IN SOA ispconfig.domain.com. maxxer.domain.com. (
2015050804 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;
2.7.1.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.3.4.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. 86400 PTR ispconfig.ufficyo.com
What's wrong?
thanks
Unable to configure reverse DNS on my server
Jeroen Massar on Friday, 08 May 2015 06:44:29 What's wrong?
ispconfig.domain.com. is not serving the zone
Use
dig @ispconfig.domain.com. 1.2.3.4.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa.
and you'll see more. Maybe you did not define the zone in the DNS server?
As you are obfuscating various parts, little anybody can state about what happens though.
Note that there is another bad configuration in that ispconfig.domain.com should not redirect to the root ("."). It should reply with a much smaller REFUSED packet.
Unable to configure reverse DNS on my server
Shadow Hawkins on Friday, 08 May 2015 07:03:55
Honestly I'm not very familiar with BIND.
According to the ISPConfig panel the zone IS configured, but the query you suggested returns nothing (with unobfuscated IPs):
# dig b.8.5.8.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. @demo.ufficyo.com
; <<>> DiG 9.8.1-P1 <<>> b.8.5.8.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. @demo.ufficyo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 61125
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;b.8.5.8.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. IN A
;; Query time: 1842 msec
;; SERVER: 2001:1418:100:858b::172#53(2001:1418:100:858b::172)
;; WHEN: Fri May 8 08:58:47 2015
;; MSG SIZE rcvd: 58
but isn't the file I posted the zone file definition?
This is a screenshot of the panel.
thank you for your help
Unable to configure reverse DNS on my server
Shadow Hawkins on Friday, 08 May 2015 07:07:04
Jeroen Massar wrote:
ispconfig.domain.com. is not serving the zone
Indeed I see the zone file is NOT referenced anywhere. I'm having a look at named.conf.local and it's empty. I'll dig further.
Unable to configure reverse DNS on my server
Shadow Hawkins on Monday, 11 May 2015 05:18:26
Lorenzo Milesi wrote:
this is my zone file:
Ummmm, I recently discovered that bind does not serve a zone that is missing the NS records. If this is the full cat of your zone file, then this is your problem.
# cat pri.1.2.3.4.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa.err
$TTL 3600
@ IN SOA ispconfig.domain.com. maxxer.domain.com. (
2015050804 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;
2.7.1.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.3.4.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. 86400 PTR ispconfig.ufficyo.com
What's wrong?
thanks
Posting is only allowed when you are logged in. |