  #1  
Old 3rd October 2008, 16:55
twink_dakid twink_dakid is offline
Junior Member
 
Join Date: Sep 2008
Location: California, USA
Posts: 11
Thanks: 2
Thanked 1 Time in 1 Post
Ubuntu + Bind9 Reverse DNS partial Class C

I have successfully set up my first Linux server using Ubuntu and Bind9. All of my DNS settings are working great until reverse DNS checks. I am not a DNS guru and think the fact that I am using a partial class C is the cause. Can someone review and show me my error? Thank you.
For this sample domain my IP range is 1.18.2.160/27
/etc/bind/zones/rev.160.2.18.1.in-addr.arpa
$ttl 38400
@ IN SOA nsa.sample.net. root.sample.net. (
2008091001;
28800;
604800;
604800;
86400;
)

@ IN NS nsa.sample.net.
171 IN PTR nsa.sample.net.
170 IN PTR smtp.sample.net. ; ‘future secondary for later’
161 IN PTR mail.sample.net.

Or maybe it should be:
171.160/27.2.18.1 IN PTR nsa.sample.net.
170.160/27.2.18.1 IN PTR smtp.sample.net. ; ‘future secondary for later’
161.160/27.2.18.1 IN PTR mail.sample.net.


vi /etc/bind/named.conf.local
zone "160.2.18.1.in-addr.arpa" {
type master;
notify no;
file "/etc/bind/zones/rev.160.2.18.1.in-addr.arpa";
allow-transfer { 1.18.2.170; };
allow-update { none; };
allow-query { any; };
};

Thanks for any help
Thanks,
Twink

Last edited by twink_dakid; 4th October 2008 at 15:31.
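Added example, not part of the thread or of BIND: a Python sketch that expands the owner names from the zone file in the first post against its origin and compares them with the name a resolver actually queries for an address in 1.18.2.160/27. It goes beyond the post by also generating RFC 2317 style names; that the provider's parent zone publishes such CNAMEs is an assumption, and all function names are hypothetical.

```python
import ipaddress

# Values copied from the first post; function names are hypothetical.
ZONE_ORIGIN = "160.2.18.1.in-addr.arpa."
PTRS = {"171": "nsa.sample.net.", "170": "smtp.sample.net.", "161": "mail.sample.net."}
NETWORK = ipaddress.ip_network("1.18.2.160/27")


def query_name(ip):
    """Name a resolver asks for on a reverse lookup of ip."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def expand(owner, origin=ZONE_ORIGIN):
    """Zone-file rule: an owner without a trailing dot gets the origin appended."""
    if owner == "@":
        return origin
    return owner if owner.endswith(".") else f"{owner}.{origin}"


def rfc2317_names(network=NETWORK):
    """Parent zone, child zone and per-host CNAMEs in the RFC 2317 convention."""
    a, b, c, d = str(network.network_address).split(".")
    parent = f"{c}.{b}.{a}.in-addr.arpa."
    child = f"{d}/{network.prefixlen}.{parent}"
    cnames = {}
    for host in network.hosts():  # skips the network and broadcast addresses
        last = str(host).rsplit(".", 1)[1]
        cnames[f"{last}.{parent}"] = f"{last}.{child}"
    return parent, child, cnames


def audit(origin=ZONE_ORIGIN, ptrs=PTRS, network=NETWORK):
    """Classify each PTR as direct, via-cname or unreachable for a normal lookup."""
    owners = {expand(o, origin) for o in ptrs}
    # Assumption: the parent /24 zone publishes these CNAMEs (RFC 2317 delegation).
    _, _, cnames = rfc2317_names(network)
    prefix = str(network.network_address).rsplit(".", 1)[0]
    result = {}
    for last in ptrs:
        asked = query_name(f"{prefix}.{last}")
        if asked in owners:
            result[asked] = "direct"
        elif cnames.get(asked) in owners:
            result[asked] = "via-cname"
        else:
            result[asked] = "unreachable"
    return result


if __name__ == "__main__":
    for origin in (ZONE_ORIGIN, rfc2317_names()[1], rfc2317_names()[0]):
        print(origin, audit(origin))
```

The three origins compared are the zone name from the post, the RFC 2317 child zone for the /27, and the full /24 reverse zone.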
  #2  
Old 4th October 2008, 13:32
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts

Quote:
Originally Posted by twink_dakid View Post

@ IN NS nsa. sample.net.
171 IN PTR nsa. sample.net.
170 IN PTR smtp. sample.net. ; ‘future secondary for later’
161 IN PTR mail. sample.net.

Or maybe it should be:
171.160/27.2.18.1 IN PTR nsa. sample.net.
170.160/27.2.18.1 IN PTR smtp. sample.net. ; ‘future secondary for later’
161.160/27.2.18.1 IN PTR mail. sample.net.

Why do you have spaces in the hostnames? Please remove them.
  #3  
Old 4th October 2008, 15:33
twink_dakid twink_dakid is offline

Sorry Falko,
I thought I proofed the post before I posted. I double checked the server and the spaces are only in the post.
  #4  
Old 4th October 2008, 17:02
martinfst martinfst is offline
Senior Member
 
Join Date: Dec 2006
Location: Hilversum, The Netherlands
Posts: 880
Thanks: 1
Thanked 18 Times in 17 Posts

You seem to be using public ip ranges. Any reason why you don't use official local ip ranges 192.168 or 172 or 10 ranges?

What is the output of the command
Code:
dig @localhost -x <ip address of your server>
  #5  
Old 4th October 2008, 19:12
twink_dakid twink_dakid is offline

I did not use 10 or 192 so that everyone understood that this is an external dns server.

dig response:
; <<>> DiG 9.4.2-P1 <<>> @localhost -x 1.18.2.171
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
  #6  
Old 5th October 2008, 02:14
twink_dakid twink_dakid is offline

Update: I found extra servers in vi /etc/resolv.conf and removed all but localhost.

New dig output:

; <<>> DiG 9.4.2-P1 <<>> -x @localhost 1.18.2.171
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22676
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;\@localhost.in-addr.arpa. IN PTR

;; AUTHORITY SECTION:
in-addr.arpa. 10800 IN SOA A.ROOT-SERVERS.NET. dns-ops.ARIN.NET. 2008100416 1800 900 691200 10800

;; Query time: 271 msec
;; SERVER: 1.18.2.171#53(1.18.2.171)
;; WHEN: Sat Oct 4 17:09:45 2008
;; MSG SIZE rcvd: 108

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38994
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.18.2.171. IN A

;; AUTHORITY SECTION:
. 10800 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2008100401 1800 900 604800 86400

;; Query time: 585 msec
;; SERVER: 1.18.2.171#53(1.18.2.171)
;; WHEN: Sat Oct 4 17:09:45 2008
;; MSG SIZE rcvd: 106
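Added example, not part of the thread: a Python check that reads the QUESTION SECTION of dig output (the lines embedded below are copied from the post above) and reports whether the PTR name for the intended address was ever asked. Function names are hypothetical.

```python
import ipaddress
import re

# dig output copied from the post above (header and question lines only).
DIG_OUTPUT = r"""
; <<>> DiG 9.4.2-P1 <<>> -x @localhost 1.18.2.171
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22676
;; QUESTION SECTION:
;\@localhost.in-addr.arpa. IN PTR
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38994
;; QUESTION SECTION:
;1.18.2.171. IN A
"""


def questions(dig_text):
    """Return (status, qname, qtype) for every answer block in dig output."""
    found, status, in_question = [], None, False
    for line in dig_text.splitlines():
        match = re.search(r"status: (\w+)", line)
        if match:
            status = match.group(1)
        elif line.startswith(";; QUESTION SECTION:"):
            in_question = True
        elif in_question:
            # The question itself is printed as a single-semicolon comment line.
            if line.startswith(";") and not line.startswith(";;"):
                fields = line[1:].split()
                found.append((status, fields[0], fields[-1]))
            in_question = False
    return found


def asked_intended(dig_text, ip):
    """True only if some block asked for the PTR record of ip's reverse name."""
    want = ipaddress.ip_address(ip).reverse_pointer + "."
    return any(q.lower() == want and t == "PTR" for _, q, t in questions(dig_text))


if __name__ == "__main__":
    for status, qname, qtype in questions(DIG_OUTPUT):
        print(status, qname, qtype)
    print("asked for PTR of 1.18.2.171:", asked_intended(DIG_OUTPUT, "1.18.2.171"))
```

A status line is only meaningful for the name shown in its question section, so this check is worth running before reading NXDOMAIN or SERVFAIL as a statement about the reverse zone.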
  #7  
Old 5th October 2008, 08:49
martinfst martinfst is offline

Are you the owner of the class A 1.x.x.x subnet? Most likely not. If you are connected to the public internet, you should use a valid IP address for your server.
  #8  
Old 5th October 2008, 16:42
twink_dakid twink_dakid is offline

No I do not own that class A 1 range but I do own a different partial class A range. I have contacted my provider 3 times and because I have my own dns server I had them transfer the authority to my server. Previous errors showed no domain (nxdomain) in RDNS tests but at least now all I get is a server error (servfail). Everything works great (www, email and vpn) until I send emails to servers using rdns check. At that point everything stops working.

Yes I could have had my provider do this but there was a charge. As a small school district every penny counts. If money was not the problem I could have switched to a windows server by now.
  #9  
Old 6th October 2008, 14:46
falko falko is offline

What's in your named.conf?
  #10  
Old 7th October 2008, 04:45
twink_dakid twink_dakid is offline

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
type master;
file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};

include "/etc/bind/named.conf.local";

//key "TRANSFER" {
// algorithm hmac-md5;
// secret "+157+48374";
//};

//include "/etc/bind/rndc.key";
server 1.18.2.170 {
// keys {
// TRANSFER;
// };
};

-end-
Notice that at the end I tried to set up the secondary and bailed when it did not work.