
I've created a simple bind dns server to host 3 zones in a test lab.

  • bath.local (192.168.100.0/24)
  • munich.local (192.168.101.0/24)
  • dhcp.local (192.168.99.0/24)

I want forward and reverse resolution, but I cannot validate the reverse config.

Am I missing some key concept here, or is this just a typo?

Many thanks in advance!

I'm using the following as my /etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { 
                127.0.0.1; 
                192.168.99.2; 
                192.168.100.2; 
                192.168.101.2; 
              }; ### Master DNS IP ###

        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     {
                         localhost;
                         192.168.99.0/24;
                         192.168.100.0/24;
                         192.168.101.0/24;
                        }; ### IP Range ###
        recursion yes;
        dnssec-enable no;
        dnssec-validation no;
        // dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "dhcp.local" IN {
        type master;
        file "forward.dhcp.local";
        allow-update { none; };
};

zone "bath.local" IN {
        type master;
        file "forward.bath.local";
        allow-update { none; };
};

zone "munich.local" IN {
        type master;
        file "forward.munich.local";
        allow-update { none; };
};

zone "99.168.192.in-addr.arpa" IN {
        type master;
        file "reverse.dhcp.local";
        allow-update { none; };
};

zone "100.168.192.in-addr.arpa" IN {
        type master;
        file "reverse.bath.local";
        allow-update { none; };
};

zone "101.168.192.in-addr.arpa" IN {
        type master;
        file "reverse.munich.local";
        allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

This relies on 3 forward and 3 reverse files in /var/named/[forward.*|reverse.*]

/var/named
├── data
├── dynamic
├── forward.bath.local
├── forward.dhcp.local
├── forward.munich.local
├── named.ca
├── named.empty
├── named.localhost
├── named.loopback
├── reverse.bath.local
├── reverse.dhcp.local
├── reverse.munich.local
└── slaves

Picking just one (bath.local), the forward config is

[root@dhcp named]# cat forward.bath.local
$TTL 86400
@   IN  SOA     dns.bath.local root.bath.local. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          dns.bath.local.
@       IN  A           192.168.100.2
dns     IN  A           192.168.100.2
router     IN  A           192.168.100.1

The reverse config is

[root@dhcp named]# cat reverse.bath.local

$TTL 86400
@   IN  SOA     dns.bath.local. root.bath.local. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
100.168.192.in-addr.arpa.       IN  NS          dns.bath.local.

2     IN  PTR         dns.bath.local.

When I validate the forward config all is ok

[root@dhcp named]# named-checkzone tsvtest /var/named/forward.bath.local
zone tsvtest/IN: loaded serial 2011071001
OK

But the reverse fails

[root@dhcp named]# named-checkzone tsvtest /var/named/reverse.bath.local 
/var/named/reverse.bath.local:9: ignoring out-of-zone data (100.168.192.in-addr.arpa)
zone tsvtest/IN: has no NS records
zone tsvtest/IN: not loaded due to errors.

Any ideas?

Bovril

1 Answer

1) (Common) Fwd zone, line 2: dns.bath.local needs a period following it, i.e. dns.bath.local.

2) remove line 9

====== reverse zone

1) BIND wants that reverse file to be named 100.168.192.in-addr.arpa. The domain specified in BIND reverse files is the name of the IP subnet, NOT the name of the forward domain. Your reverse file has nothing to do with bath.local, and everything to do with 192.168.100.x

2) line 9 - remove the 100.168.192.in-addr.arpa from the beginning of the line.

3) Please post your /etc/named.conf so we can check what's in that.

David Nilson

Thanks David, it looks like my error was even more simple than that. Looking at this, I wasn't using the correct parameters for named-checkzone:

[root@dhcp named]# named-checkzone 100.168.192.in-addr.arpa /var/named/reverse.bath.local
zone 100.168.192.in-addr.arpa/IN: loaded serial 2011071001
OK

I'll look at the comments you made as I may well have made further errors. Thanks again! – Bovril May 20 '15 at 16:34
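Both complaints in this thread come down to how BIND qualifies names against the zone origin: an owner name that is absolute but outside the origin is "out-of-zone data" (which is why checking reverse.bath.local under the name tsvtest fails and under 100.168.192.in-addr.arpa succeeds), and a name without a trailing dot gets the origin appended (which is why dns.bath.local in the forward SOA becomes dns.bath.local.bath.local.). The following is an added example, not code from the question, the answer or BIND itself: a small checker that reproduces those two rules over constructed copies of the zone files above (SOA folded onto one line; every record assumed to start with an owner name).

```python
# Added example: mimic the two named-checkzone complaints from the thread.
# Constructed copy of the question's reverse zone (SOA folded onto one line).
REVERSE_BATH = """\
$TTL 86400
@   IN  SOA dns.bath.local. root.bath.local. ( 2011071001 3600 1800 604800 86400 )
100.168.192.in-addr.arpa.  IN  NS   dns.bath.local.
2   IN  PTR  dns.bath.local.
"""

# Constructed copy of the question's forward zone; note the SOA MNAME
# dns.bath.local has no trailing dot, exactly as posted.
FORWARD_BATH = """\
$TTL 86400
@   IN  SOA dns.bath.local root.bath.local. ( 2011071001 3600 1800 604800 86400 )
@   IN  NS  dns.bath.local.
@   IN  A   192.168.100.2
dns IN  A   192.168.100.2
"""

def qualify(name, origin):
    """Expand a name the way BIND does: '@' is the origin, a name ending in
    '.' is already absolute, anything else gets the origin appended."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return f"{name}.{origin}"

def check_zone(text, origin):
    """Return (out_of_zone, expanded): owner names that do not fall under
    origin, and the fully qualified form of each SOA MNAME / NS target."""
    origin = origin if origin.endswith(".") else origin + "."
    out_of_zone, expanded = [], {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop ';' comments
        if not line or line.startswith("$"):      # skip blanks and $TTL etc.
            continue
        owner, rest = line.split(None, 1)         # assumption: owner is present
        fields = rest.split()
        if fields[0] == "IN":                     # class is optional
            fields = fields[1:]
        rtype, rdata = fields[0], fields[1:]
        fq_owner = qualify(owner, origin)
        if not (fq_owner == origin or fq_owner.endswith("." + origin)):
            out_of_zone.append(fq_owner)          # what BIND ignores
        if rtype in ("SOA", "NS"):
            expanded[rdata[0]] = qualify(rdata[0], origin)
    return out_of_zone, expanded
```

Run check_zone(REVERSE_BATH, "tsvtest") to see the NS owner reported as out of zone, and check_zone(REVERSE_BATH, "100.168.192.in-addr.arpa") to see it accepted; check_zone(FORWARD_BATH, "bath.local") shows the doubled name the missing dot produces.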