vincenzo romero
2008-Mar-21 00:26 UTC
[CentOS] simple DNS question - reverse nslookup fails.
Hello all,
I am trying to configure a subdomain DNS server on a Cent OS 5.1 - for
my lab. Brief configuration:
Lab machine ---> 192.168.17.2 (should respond to DNS queries from
hosts in 192.168.16.0/20 network)
1. I would also like to forward any queries outside the above network
to our corporate domain (no firewalls between our 192.168.16.x network
and the corporate network). The domain server is: dns.company.com
with an IP of 10.100.1.2 (255.255.255.0).
2. What I have configured is:
192.168.17.2 --> myhost.lab.company.com
10.100.1.2 --> dns.company.com
3. Installed the dns bind 9 in myhost and set basic configuration via
the system-config-bind GUI. My configuration file specific to my
setup there is:
cat lab.maxiscale.com.db
$TTL 1H
@          SOA  myhost.lab.company.com. root.myhost.lab.company.com. ( 2
                3H
                1H
                1W
                1H )
           NS   myhost.lab.company.com.
qaserver2  A    192.168.17.3
qaserver1  A    192.168.17.1
myhost     A    192.168.17.2
================
The rest of the DNS/Bind records were based upon the auto-generated
files from the Bind GUI Config tool.
3. I also changed myhost's resolv.conf to reflect the following:
search lab.mycompany.com
192.168.17.2
search mycompany.com
10.100.1.2
=====
PROBLEM:
1. When I am in myhost.com, I can perform:
a. nslookup hostname (to any host within 192.168.x and 10.100.x networks)
b. nslookup ip to any host within both networks.
2. When I am in one of the hosts within 192.168.x aside from
myhost.com (for example, qaserver1 or qaserver2):
a: SUCCESS to nslookup hostname to any host within BOTH networks.
b. FAILS to nslookup ip (reverse nslookup) to any host within the
10.100.x network.
this is the error I get:
nslookup 10.100.1.2
Server: 192.168.17.2
Address: 192.168.17.2#53
Non-authoritative answer:
24.1.100.10.in-addr.arpa name = dns.company.com.
Authoritative answers can be found from:
. nameserver = e.root-servers.net.
. nameserver = f.root-servers.net.
. nameserver = g.root-servers.net.
. nameserver = h.root-servers.net.
. nameserver = i.root-servers.net.
. nameserver = j.root-servers.net.
. nameserver = k.root-servers.net.
. nameserver = l.root-servers.net.
. nameserver = m.root-servers.net.
. nameserver = a.root-servers.net.
. nameserver = b.root-servers.net.
. nameserver = c.root-servers.net.
. nameserver = d.root-servers.net.
a.root-servers.net internet address = 198.41.0.4
b.root-servers.net internet address = 192.228.79.201
c.root-servers.net internet address = 192.33.4.12
d.root-servers.net internet address = 128.8.10.90
e.root-servers.net internet address = 192.203.230.10
f.root-servers.net internet address = 192.5.5.241
g.root-servers.net internet address = 192.112.36.4
h.root-servers.net internet address = 128.63.2.53
i.root-servers.net internet address = 192.36.148.17
j.root-servers.net internet address = 192.58.128.30
k.root-servers.net internet address = 193.0.14.129
k.root-servers.net has AAAA address 2001:7fd::1
l.root-servers.net internet address = 199.7.83.42
====
I must be missing something stupid and apparent .... any help would be
greatly appreciated!!!
:)
thanks in advance!
--
best,
Vince
vincenzo romero wrote:
> Hello all,
>
> I am trying to configure a subdomain DNS server on a Cent OS 5.1 - for
> my lab. Brief configuration:
>
> Lab machine ---> 192.168.17.2 (should respond to DNS queries from
> hosts in 192.168.16.0/20 network)
>
> 1. I would also like to forward any queries outside the above network
> to our corporate domain (no firewalls between our 192.168.16.x network
> and the corporate network). The domain server is: dns.company.com
> with an IP of 10.100.1.2 (255.255.255.0).
>
> 2. What I have configured is:
>
> 192.168.17.2 --> myhost.lab.company.com
> 10.100.1.2 --> dns.company.com
>
> 3. Installed the dns bind 9 in myhost and set basic configuration via
> the system-config-bind GUI. My configuration file specific to my
> setup there is:
>
> cat lab.maxiscale.com.db
> $TTL 1H
> @          SOA  myhost.lab.company.com. root.myhost.lab.company.com. ( 2
>                 3H
>                 1H
>                 1W
>                 1H )
>            NS   myhost.lab.company.com.
> qaserver2  A    192.168.17.3
> qaserver1  A    192.168.17.1
> myhost     A    192.168.17.2
>
> ================
>
> The rest of the DNS/Bind records were based upon the auto-generated
> files from the Bind GUI Config tool.
>
> 3. I also changed myhost's resolv.conf to reflect the following:
>
> search lab.mycompany.com
> 192.168.17.2
> search mycompany.com
> 10.100.1.2
>

what's this? should be:

search lab.mycompany.com mycompany.com
nameserver 192.168.17.2
nameserver 10.100.1.2

> =====
>
> PROBLEM:
>
> 1. When I am in myhost.com, I can perform:
> a. nslookup hostname (to any host within 192.168.x and 10.100.x networks)
> b. nslookup ip to any host within both networks.
>
> 2. When I am in one of the hosts within 192.168.x aside from
> myhost.com (for example, qaserver1 or qaserver2):
>
> a: SUCCESS to nslookup hostname to any host within BOTH networks.
> b. FAILS to nslookup ip (reverse nslookup) to any host within the
> 10.100.x network.
>

you did not create the reverse zone. the zone file should contain
something like

$TTL 1H
@          SOA  myhost.lab.company.com. root.myhost.lab.company.com. ( 2 3H 1H 1W 1H )
           NS   myhost.lab.company.com.
3          IN PTR  qaserver2.lab.company.com.
1          IN PTR  qaserver1.lab.company.com.
2          IN PTR  myhost.lab.company.com.

WARNING. don't forget the trailing dot (...lab.company.com. with a dot
at the end).

you must tell your bind that it is authoritative for this zone. so in
named.conf, add

zone "17.168.192.IN-ADDR.ARPA" {
        type master;
        file "192.168.17.db";
};

where 192.168.17.db is the name of the zone file.

A good reference for DNS is
http://www.zytrax.com/books/dns/
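An added example, not part of the thread or of any poster's configuration: a Python sketch that derives the reverse zone described in the reply above from the forward zone's A records, so the PTR names cannot drift from the A records and a missing trailing dot is rejected. The sample zone text is constructed from the records in the thread; the function names, the serial and the /24-only restriction are assumptions of this sketch.

```python
import ipaddress

# Constructed sample: the forward zone records posted in the thread.
FORWARD_ZONE = """\
$TTL 1H
@          SOA  myhost.lab.company.com. root.myhost.lab.company.com. ( 2 3H 1H 1W 1H )
           NS   myhost.lab.company.com.
qaserver2  A    192.168.17.3
qaserver1  A    192.168.17.1
myhost     A    192.168.17.2
"""

def a_records(zone_text, origin):
    """Return [(fqdn, IPv4Address)] for lines shaped 'owner [ttl] [class] A addr'."""
    found = []
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()          # drop comments, tokenize
        if len(fields) < 3 or line[0].isspace() or fields[-2].upper() != "A":
            continue                                 # not an A record with its own owner name
        owner = fields[0]
        fqdn = origin if owner == "@" else owner if owner.endswith(".") else f"{owner}.{origin}"
        found.append((fqdn, ipaddress.IPv4Address(fields[-1])))
    return found

def reverse_zone(records, network, primary_ns, serial=1):
    """Build (zone_name, zone_text) for a /24; hypothetical helper for this example."""
    net = ipaddress.ip_network(network)
    if net.prefixlen != 24:
        raise ValueError("this sketch only handles /24 reverse zones")
    # '0.17.168.192.in-addr.arpa' -> '17.168.192.in-addr.arpa'
    zone_name = net.network_address.reverse_pointer.split(".", 1)[1]
    lines = ["$TTL 1H",
             f"@ SOA {primary_ns} root.{primary_ns} ( {serial} 3H 1H 1W 1H )",
             f"  NS {primary_ns}"]
    for fqdn, addr in sorted(records, key=lambda r: r[1]):
        if addr in net:
            if not fqdn.endswith("."):               # the trailing-dot warning, enforced
                raise ValueError(f"PTR target {fqdn!r} lacks the trailing dot")
            lines.append(f"{addr.packed[-1]} IN PTR {fqdn}")
    return zone_name, "\n".join(lines) + "\n"

def named_conf_stanza(zone_name, filename):
    """named.conf block declaring this server master for the reverse zone."""
    return f'zone "{zone_name}" {{\n    type master;\n    file "{filename}";\n}};\n'

if __name__ == "__main__":
    recs = a_records(FORWARD_ZONE, "lab.company.com.")
    name, text = reverse_zone(recs, "192.168.17.0/24", "myhost.lab.company.com.")
    print(named_conf_stanza(name, "192.168.17.db"))
    print(text)
```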
Robert Moskowitz
2008-Mar-24 20:17 UTC
[CentOS] simple DNS question - reverse nslookup fails.
vincenzo romero wrote:
>> where 192.168.17.db is the name of the zone file.
>>
>> A good reference for DNS is
>> http://www.zytrax.com/books/dns/
>>
>
> thank you for the reference and response... I have also checked the
> above and reviewed it.... and attempted to follow the configuration
> file samples; however I noticed in CentOS is that I either:
>
> - use the Bind Configuration Tool
> or
> - configure DNS manually (by hand, hence the above reference should be followed).
>
> As I am a newbie, I attempted to configure using the Bind
> Configuration Tool (GUI) that automatically creates my records files;
> The questions I have are:
>

Use webmin. (webmin.com). I am an old hand at BIND and use webmin
regularly....

> 1. Is there some URL or reference that has a "step-by-step-DNS
> configuration" based upon the Bind configuration Tool (GUI)? the
> manuals is not a cookbook and could potentially cause newbies to make
> mistakes. the HOW-TO-FORGE document - does NOT show step-by-step but
> only shows how to INSTALL bind. ... If anyone is aware of such a
> link, I would appreciate pointers to where.
>
> 2. I did not seem to find a place to configure my /etc/resolv.conf -
> do I configure this from the Network Manager? Again, I feel that I
> should configure all via GUI since it seems that if I configure
> sometimes by editing files or by GUI, then the configuration gets
> messed up.
>
> thanks in advance,