Unclear Reverse DNS setup with bind9 (lenny) for subnet
Carmen Sandiego on Monday, 28 September 2009 18:17:54
Hi @all
I tried to get reverse DNS working over the last hours, with no success.
My subnet is: 2a01:198:4a0::/48
So I have the following zone:
/etc/bind9/named.conf.local
_________________________________________
zone "0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa" {
    type master;
    file "/etc/bind/master/sixxs-subnet.conf";
    allow-transfer { 2a01:198:200:51b::2; };
};
_________________________________________
Now my zone itself:
_________________________________________
;
; 2a01:198:4a0::/48
;
; Zone file built with the fpsn.net IPv6 Reverse DNS zone builder
; http://tools.fpsn.net/ipv6-inaddr
;
$TTL 3d ; Default TTL (bind 8 needs this, bind 9 ignores it)
@ IN SOA 0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. postmaster.4lin.net. (
        200909280 ; Serial number (YYYYMMdd)
        24h       ; Refresh time
        30m       ; Retry time
        2d        ; Expire time
        3d        ; Default TTL (bind 8 ignores this, bind 9 needs it)
        )
; Name server entries
        IN NS ns.4lin.net.
        IN NS ns3.4lin.net.
; IPv6 PTR entries
; Subnet #1
$ORIGIN 3.f.3.0.0.0.2.0.8.9.1.0.1.0.a.2.ip6.arpa.
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR ns.4lin.net.
; Subnet #2
$ORIGIN b.1.5.0.0.0.2.0.8.9.1.0.1.0.a.2.ip6.arpa.
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR ns3.4lin.net.
; Subnet #3
$ORIGIN 0.0.0.0.0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa.
1.3.7.6.2.3.e.f.f.f.e.3.6.1.2.0 IN PTR www.4lin.net.
c.4.0.c.9.7.e.f.f.f.e.3.6.1.2.0 IN PTR mail.4lin.net.
;
; End of zone file.
; Thank you for using the fpsn.net IPv6 Reverse DNS zone builder
; Additionally you will need to add the following AAAA record entries
; to their respective zone files:
; ns.4lin.net. IN AAAA 2a01:198:200:3f3::2
; ns3.4lin.net. IN AAAA 2a01:198:200:51b::2
; www.4lin.net. IN AAAA 2a01:198:4a0:0:216:3eff:fe32:6731
; mail.4lin.net. IN AAAA 2a01:198:4a0:0:216:3eff:fe79:c04c
______________________________________________________________
Under the subnet information webform (SixXS website), I used NS "ns.4lin.net" and "ns3.4lin.net". The webquery tool from SixXS says that there is no primary server:
https://www.sixxs.net/tools/zonecheck/?zone=0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa
ns.4lin.net and ns3.4lin.net are IPs from the normal sixxs tunnel (via AICCU) - so it is possible that PTR records are not working, but www.4lin.net and mail.4lin.net should work.
So, what am I missing? What is wrong?
cu denny
Shadow Hawkins on Thursday, 05 November 2009 09:28:11
$TTL 3d;
@ IN SOA 0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. postmaster.4lin.net. (
        200911050 ; Serial number (YYYYMMdd)
        24h       ; Refresh time
        30m       ; Retry time
        2d        ; Expire time
        3d        ; Default TTL (bind 8 ignores this, bind 9 needs it)
        )
        IN NS ns.4lin.net.
        IN NS ns3.4lin.net.
$ORIGIN 0.0.0.0.0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa.
1.3.7.6.2.3.e.f.f.f.e.3.6.1.2.0 IN PTR www.4lin.net.
c.4.0.c.9.7.e.f.f.f.e.3.6.1.2.0 IN PTR mail.4lin.net.
In your config you are mixing subnets.
Subnets of your nameservers are included.
If you wanted to glue nameservers... this is not possible in this zone.
You have to glue in the normal 4lin.net zone.
It depends on your nameserver: mine loaded it correctly and did answer, but ignored the out-of-zone data; depending on your nameserver config, it may refuse to load the zone at all.
With your conf:
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39018
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:
;1.3.7.6.2.3.e.f.f.f.e.3.6.1.2.0.0.0.0.0.0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. IN PTR
;; ANSWER SECTION:
1.3.7.6.2.3.e.f.f.f.e.3.6.1.2.0.0.0.0.0.0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. 259200 IN PTR www.4lin.net.
;; AUTHORITY SECTION:
0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. 259200 IN NS ns3.4lin.net.
0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. 259200 IN NS ns.4lin.net.
;; ADDITIONAL SECTION:
ns.4lin.net. 3558 IN A 78.46.96.174
ns.4lin.net. 3558 IN AAAA 2a01:198:200:3f3::2
ns3.4lin.net. 3558 IN AAAA 2a01:198:200:51b::2
;; Query time: 6 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Nov 5 09:19:36 2009
;; MSG SIZE rcvd: 223
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60037
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:
;c.4.0.c.9.7.e.f.f.f.e.3.6.1.2.0.0.0.0.0.0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. IN PTR
;; ANSWER SECTION:
c.4.0.c.9.7.e.f.f.f.e.3.6.1.2.0.0.0.0.0.0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. 259200 IN PTR mail.4lin.net.
;; AUTHORITY SECTION:
0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. 259200 IN NS ns3.4lin.net.
0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa. 259200 IN NS ns.4lin.net.
;; ADDITIONAL SECTION:
ns.4lin.net. 3539 IN A 78.46.96.174
ns.4lin.net. 3539 IN AAAA 2a01:198:200:3f3::2
ns3.4lin.net. 3539 IN AAAA 2a01:198:200:51b::2
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Nov 5 09:19:55 2009
;; MSG SIZE rcvd: 224
I tested ns.4lin.net which is replying but not with the expected data.
ns3.4lin.net was not answering at all.
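The out-of-zone check described in the reply above, as an added example that is not part of the original thread: it resolves each PTR owner against its $ORIGIN and lists the owners that fall outside the reverse zone of the delegated /48. The function names are assumptions of this example, the records are copied from the first post, and the parser only handles lines that carry an explicit owner name.

```python
import ipaddress

# PTR section copied from the zone file in the first post.
ZONE_TEXT = """
$ORIGIN 3.f.3.0.0.0.2.0.8.9.1.0.1.0.a.2.ip6.arpa.
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR ns.4lin.net.
$ORIGIN b.1.5.0.0.0.2.0.8.9.1.0.1.0.a.2.ip6.arpa.
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR ns3.4lin.net.
$ORIGIN 0.0.0.0.0.a.4.0.8.9.1.0.1.0.a.2.ip6.arpa.
1.3.7.6.2.3.e.f.f.f.e.3.6.1.2.0 IN PTR www.4lin.net.
c.4.0.c.9.7.e.f.f.f.e.3.6.1.2.0 IN PTR mail.4lin.net.
"""

def reverse_zone(prefix):
    """Return the ip6.arpa zone name for a nibble-aligned IPv6 prefix."""
    net = ipaddress.ip_network(prefix)
    if net.version != 6 or net.prefixlen % 4:
        raise ValueError("need an IPv6 prefix on a nibble boundary")
    nibbles = net.network_address.exploded.replace(":", "")
    nibbles = nibbles[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def ptr_owners(zone_text, zone):
    """Yield (owner FQDN, target) for each PTR line, honouring $ORIGIN."""
    origin = zone
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()  # drop comments
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
        elif "PTR" in fields[1:]:
            owner = fields[0].lower()
            if not owner.endswith("."):  # relative name: append origin
                owner = f"{owner}.{origin}"
            yield owner, fields[-1]

def out_of_zone(zone_text, prefix):
    """List PTR records whose owner is not inside the prefix's zone."""
    zone = reverse_zone(prefix)
    return [(owner, target) for owner, target in ptr_owners(zone_text, zone)
            if owner != zone and not owner.endswith("." + zone)]

if __name__ == "__main__":
    for owner, target in out_of_zone(ZONE_TEXT, "2a01:198:4a0::/48"):
        print(f"out of zone: {owner} PTR {target}")
```
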
Jeroen Massar on Thursday, 05 November 2009 10:51:48
See ticket #1127716 why this won't work anyway.
("dig +trace <zone>" would have told you that too)