[SOLVED] bind under ISPconfig3.1 - cannot get reverse zone working

Discussion in 'Installation/Configuration' started by j.kaspar, Aug 16, 2017.

  1. san

    san New Member

    vim pri.san.local
    /////////
    $TTL 3600
    @ IN SOA server1.san.local. sanshrestha21.gmail.com. (
    2019052007 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    604800 ; expire, seconds
    3600 ) ; minimum, seconds
    ;

    san.local. 3600 NS server1
    san.local. 3600 TXT "v=spf1 mx a ~all"
    san.local. 3600 NS server1
    san.local. 3600 MX 10 mail.san.local.
    san.local. 3600 NS server1
    mail 3600 A 172.19.0.234
    www 3600 A 172.19.0.234
    san.local. 3600 A 172.19.0.234
    server1 3600 A 172.19.0.234
    //////////////forward dns check///////////
    [[email protected] named]# named-checkzone san.local /var/named/pri.san.local
    zone san.local/IN: loaded serial 2019052007
    OK
    //////////while dig////////////
    [[email protected] named]# dig @172.19.0.234 san.local

    ; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> @172.19.0.234 san.local
    ; (1 server found)
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached
     
  2. san

    san New Member

    [[email protected] named]# host server1.san.local 172.19.0.234
    ;; connection timed out; no servers could be reached
    //////////////////
    [[email protected] named]# dig @172.19.0.234 san.local

    ; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> @172.19.0.234 san.local
    ; (1 server found)
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached
    //////////////////vim /var/named/pri.san.local
    $TTL 3600
    @ IN SOA server1.san.local. sanshrestha21.gmail.com. (
    2019052017 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    604800 ; expire, seconds
    3600 ) ; minimum, seconds
    ;

    san.local. 3600 NS server1.san.local.
    san.local. 3600 TXT "v=spf1 mx a ~all"
    san.local. 3600 NS server1.san.local.
    san.local. 3600 MX 10 mail.san.local.
    mail 3600 A 172.19.0.234
    www 3600 A 172.19.0.234
    server1.san.local. 3600 A 172.19.0.234
    //////////////
    [[email protected] named]# named-checkzone san.local /var/named/pri.san.local
    zone san.local/IN: loaded serial 2019052017
    OK
     
  3. san

    san New Member

    Yup, now it is working, no errors on both forward and reverse DNS.
    vim pri.san.local
    /////
    $TTL 3600
    @ IN SOA server1.san.local. sanshrestha21.gmail.com. (
    2019052017 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    604800 ; expire, seconds
    3600 ) ; minimum, seconds
    ;

    san.local. 3600 NS server1.san.local.
    san.local. 3600 TXT "v=spf1 mx a ~all"
    san.local. 3600 NS server1.san.local.
    san.local. 3600 MX 10 mail.san.local.
    mail 3600 A 172.19.0.234
    www 3600 A 172.19.0.234
    server1.san.local. 3600 A 172.19.0.234


    /////////////////
    vim pri.0.19.172.in-addr.arpa
    //////////
    $TTL 3600
    @ IN SOA server1.san.local. sanshrestha21.gmail.com. (
    2019052007 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    604800 ; expire, seconds
    3600 ) ; minimum, seconds
    ;

    0.19.172.in-addr.arpa. 3600 NS server1.san.local.
    234 3600 PTR server1.san.local.
    ///////////
    [[email protected] named]# named-checkzone san.local /var/named/pri.san.local
    zone san.local/IN: loaded serial 2019052017
    OK
    [[email protected] named]# named-checkzone san.local /var/named/pri.0.19.172.in-addr.arpa
    /var/named/pri.0.19.172.in-addr.arpa:10: ignoring out-of-zone data (0.19.172.in-addr.arpa)
    zone san.local/IN: has no NS records
    zone san.local/IN: not loaded due to errors.
    [[email protected] named]#
     
  4. san

    san New Member

    In the reverse DNS zone pri.0.19.172.in-addr.arpa, the .err file name has changed to pri.0.19.172.in-addr.arpa, but still no NS record is found.
    [[email protected] named]# named-checkzone san.local /var/named/pri.0.19.172.in-addr.arpa
    /var/named/pri.0.19.172.in-addr.arpa:10: ignoring out-of-zone data (0.19.172.in-addr.arpa)
    zone san.local/IN: has no NS records
    zone san.local/IN: not loaded due to errors.
     
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    If named-checkzone says the zone does not have NS records, I would take that as true. At least the NS records are not valid.
    Have you set up your DNS using ISPConfig? And followed the Tutorial @till pointed out?
     
  6. Jesse Norell

    Jesse Norell Well-Known Member

    You ran named-checkzone incorrectly; your zone file must have a(n) NS record(s) if you no longer have a .err file (and didn't rename it manually), and the output of the pri.0.19.172.in-addr.arpa which you pasted above confirms that.
     
  7. san

    san New Member

    YES, I followed what @till said, and DNS was set up using ISPConfig. No manual edits, all from the ISPConfig browser.
     
  8. san

    san New Member

    OKAY, first thing: there was no manual rename or anything from a CLI command. Everything was done via the ISPConfig browser; ISPConfig itself changed the .err file to pri.0.19.172.in-addr.arpa.
    Regarding "You ran named-checkzone incorrectly": could you tell me how to run named-checkzone correctly?
     
  9. san

    san New Member

    @jesse
    HELP ME here, where am I missing?
    [[email protected] named]# named-checkzone server1.san.local /var/named/pri.san.local
    /var/named/pri.san.local:10: ignoring out-of-zone data (san.local)
    /var/named/pri.san.local:11: ignoring out-of-zone data (san.local)
    /var/named/pri.san.local:12: ignoring out-of-zone data (san.local)
    /var/named/pri.san.local:13: ignoring out-of-zone data (san.local)
    zone server1.san.local/IN: has no NS records
    zone server1.san.local/IN: not loaded due to errors.
    [[email protected] named]# named-checkzone server1.san.local /var/named/pri.0.19.172.in-addr.arpa
    /var/named/pri.0.19.172.in-addr.arpa:10: ignoring out-of-zone data (0.19.172.in-addr.arpa)
    zone server1.san.local/IN: has no NS records
    zone server1.san.local/IN: not loaded due to errors.

    //////////////////
    vim pri.san.local
    $TTL 3600
    @ IN SOA server1.san.local. sanshrestha21.gmail.com. (
    2019052017 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    604800 ; expire, seconds
    3600 ) ; minimum, seconds
    ;

    san.local. 3600 NS server1.san.local.
    san.local. 3600 TXT "v=spf1 mx a ~all"
    san.local. 3600 NS server1.san.local.
    san.local. 3600 MX 10 mail.san.local.
    mail 3600 A 172.19.0.234
    www 3600 A 172.19.0.234
    server1.san.local. 3600 A 172.19.0.234
    ////////////////
    vim pri.0.19.172.in-addr.arpa

    $TTL 3600
    @ IN SOA server1.san.local. sanshrestha21.gmail.com. (
    2019052007 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    604800 ; expire, seconds
    3600 ) ; minimum, seconds
    ;

    0.19.172.in-addr.arpa. 3600 NS server1.san.local.
    234 3600 PTR server1.san.local.
     
  10. san

    san New Member

    [[email protected] named]# named-checkzone 0.19.172.in-addr.arpa /var/named/pri.0.19.172.in-addr.arpa
    zone 0.19.172.in-addr.arpa/IN: loaded serial 2019052105
    OK
     
  11. san

    san New Member

    [[email protected] named]# named-checkzone san.local /var/named/pri.0.19.172.in-addr.arpa
    /var/named/pri.0.19.172.in-addr.arpa:11: ignoring out-of-zone data (0.19.172.in-addr.arpa)
    /var/named/pri.0.19.172.in-addr.arpa:12: ignoring out-of-zone data (0.19.172.in-addr.arpa)
    zone san.local/IN: has no NS records
    zone san.local/IN: not loaded due to errors.
    [[email protected] named]# named-checkzone 234.0.19.172.in-addr.arpa /var/named/pri.0.19.172.in-addr.arpa
    /var/named/pri.0.19.172.in-addr.arpa:11: ignoring out-of-zone data (0.19.172.in-addr.arpa)
    /var/named/pri.0.19.172.in-addr.arpa:12: ignoring out-of-zone data (0.19.172.in-addr.arpa)
    zone 234.0.19.172.in-addr.arpa/IN: has no NS records
    zone 234.0.19.172.in-addr.arpa/IN: not loaded due to errors.
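
Added example (not part of the thread, and not BIND's code): a simplified Python model of how named-checkzone resolves owner names against the zone name passed as its first argument. It is run over the records of pri.0.19.172.in-addr.arpa as posted earlier in the thread and shows why the same file fails under `san.local` or `234.0.19.172.in-addr.arpa` but loads under `0.19.172.in-addr.arpa`; the function names are illustrative.

```python
# Simplified model (not BIND code) of named-checkzone's owner-name handling.
# Constructed sample: records of pri.0.19.172.in-addr.arpa as posted in the
# thread, with the multi-line SOA collapsed onto one line.
REVERSE_ZONE = """\
@ IN SOA server1.san.local. sanshrestha21.gmail.com. ( 2019052007 7200 540 604800 3600 )
0.19.172.in-addr.arpa. 3600 NS server1.san.local.
234 3600 PTR server1.san.local.
"""

def absolute(owner, origin):
    """Expand an owner name as a zone file does: '@' is the origin, a
    trailing dot means already absolute, anything else is relative."""
    if owner == "@":
        return origin
    if owner.endswith("."):
        return owner.rstrip(".").lower()
    return f"{owner}.{origin}".lower()

def in_zone(name, origin):
    """A name belongs to the zone if it is the origin or lies below it."""
    return name == origin or name.endswith("." + origin)

def check_zone(origin, text):
    """Return (ignored_owner_names, has_apex_ns) for the given zone name."""
    origin = origin.rstrip(".").lower()
    ignored, has_ns = [], False
    for line in text.splitlines():
        fields = line.split(";")[0].split()   # drop comments, tokenize
        if not fields:
            continue
        name = absolute(fields[0], origin)
        if not in_zone(name, origin):
            ignored.append(name)              # "ignoring out-of-zone data"
            continue
        if name == origin and "NS" in fields[1:4]:
            has_ns = True
    return ignored, has_ns

def verdict(origin, text=REVERSE_ZONE):
    """Summarize the check: ('OK' or 'has no NS records', ignored names)."""
    ignored, has_ns = check_zone(origin, text)
    return ("OK" if has_ns else "has no NS records"), ignored

if __name__ == "__main__":
    for zone in ("san.local", "234.0.19.172.in-addr.arpa", "0.19.172.in-addr.arpa"):
        print(zone, "->", verdict(zone))
```

Under the wrong zone name the absolute NS owner is discarded as out-of-zone, so no NS record remains at the apex, while the relative `234` is attached to the wrong origin without any warning.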
     
  12. san

    san New Member

    pri.san.local and pri.0.19.172.in-addr.arpa are both error free,
    but dig in the CLI gives no result, not even with nslookup.


    [[email protected] named]# dig -x @172.19.0.234 san.local

    ; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> -x @172.19.0.234 san.local
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18608
    ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1452
    ;; QUESTION SECTION:
    ;234.0.19.\@172.in-addr.arpa. IN PTR

    ;; AUTHORITY SECTION:
    in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2019023240 1800 900 604800 3600

    ;; Query time: 335 msec
    ;; SERVER: 1.1.1.1#53(1.1.1.1)
    ;; WHEN: Tue May 21 14:14:40 +0545 2019
    ;; MSG SIZE rcvd: 123

    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6606
    ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1452
    ;; QUESTION SECTION:
    ;san.local. IN A

    ;; AUTHORITY SECTION:
    . 10003 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019052100 1800 900 604800 86400

    ;; Query time: 2 msec
    ;; SERVER: 1.1.1.1#53(1.1.1.1)
    ;; WHEN: Tue May 21 14:14:41 +0545 2019
    ;; MSG SIZE rcvd: 113
     
  13. san

    san New Member

    Yes, it's working after editing the /etc/named.conf file, adding the DNS IP to allow-query and listen-on.

    [[email protected] named]# dig @172.19.0.234 san.local

    ; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> @172.19.0.234 san.local
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1422
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;san.local. IN A

    ;; AUTHORITY SECTION:
    san.local. 3600 IN SOA server1.san.local. sanshrestha21.gmail.com. 2019052108 7200 540 604800 3600

    ;; Query time: 0 msec
    ;; SERVER: 172.19.0.234#53(172.19.0.234)
    ;; WHEN: Tue May 21 14:44:38 +0545 2019
    ;; MSG SIZE rcvd: 105

    [[email protected] named]# nslookup 172.19.0.234
    Server: 172.19.0.234
    Address: 172.19.0.234#53

    234.0.19.172.in-addr.arpa name = server1.san.local.

    [[email protected] named]# nslookup server1.san.local
    Server: 172.19.0.234
    Address: 172.19.0.234#53

    Name: server1.san.local
    Address: 172.19.0.234
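
Added example (not part of the thread): a small Python audit of the two named.conf options mentioned in the post above, `listen-on` and `allow-query`. The thread never shows /etc/named.conf, so both configurations, the `172.19.0.0/24` network and the client address `172.19.0.50` are constructed for illustration; only `172.19.0.234` comes from the thread.

```python
import ipaddress
import re

# Constructed samples: loopback-only options, then the same block widened.
BEFORE = """options {
    listen-on port 53 { 127.0.0.1; };
    allow-query { localhost; };
};"""
AFTER = """options {
    listen-on port 53 { 127.0.0.1; 172.19.0.234; };
    allow-query { localhost; 172.19.0.0/24; };
};"""

def match_list(conf, option):
    """Return the elements of `option ... { a; b; };` as a list of strings."""
    pat = rf"^\s*{re.escape(option)}(?![\w-])[^{{;]*\{{([^}}]*)\}}"
    m = re.search(pat, conf, re.M)
    return [e.strip() for e in m.group(1).split(";") if e.strip()] if m else []

def covers(elements, ip):
    """True if an element covers `ip`. Handles addresses, CIDR prefixes and
    `any`; named ACLs such as localhost/localnets are not evaluated."""
    addr = ipaddress.ip_address(ip)
    for element in elements:
        if element == "any":
            return True
        try:
            if addr in ipaddress.ip_network(element, strict=False):
                return True
        except ValueError:
            continue  # a named ACL, skipped by this simplified check
    return False

def audit(conf, server_ip, client_ip):
    """List reasons why a query from client_ip to server_ip would fail."""
    findings = []
    if not covers(match_list(conf, "listen-on"), server_ip):
        findings.append(f"named is not listening on {server_ip}")
    allow = match_list(conf, "allow-query")
    if not covers(allow, client_ip):
        findings.append(f"{client_ip} is not permitted by allow-query")
    if "any" in allow:
        findings.append("allow-query any: scope it if the zone is internal")
    return findings

if __name__ == "__main__":
    print(audit(BEFORE, "172.19.0.234", "172.19.0.50"))
    print(audit(AFTER, "172.19.0.234", "172.19.0.50"))
```

Listing only the networks that need the zone in `allow-query`, rather than `any`, keeps an internal zone such as san.local from being answered to every client that can reach port 53.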
     
  14. san

    san New Member

    THANK YOU, EVERYONE. THANKS FOR REPLY AND SUPPORT
     
    till and Jesse Norell like this.
