[CentOS] simple DNS question - reverse nslookup fails.
mouss
mouss at netoyen.net
Fri Mar 21 19:59:46 UTC 2008
vincenzo romero wrote:
> Hello all,
>
> I am trying to configure a subdomain DNS server on a Cent OS 5.1 - for
> my lab. Brief configuration:
>
> Lab machine ---> 192.168.17.2 (should respond to DNS queries from
> hosts in 192.168.16.0/20 network)
>
> 1. I would also like to forward any queries outside the above network
> to our corporate domain (no firewalls between our 192.168.16.x network
> and the corporate network). The domain server is: dns.company.com
> with an IP of 10.100.1.2 (255.255.255.0).
>
> 2. What I have configured is:
>
> 192.168.17.2 --> myhost.lab.company.com
> 10.100.1.2 --> dns.company.com
>
> 3. Installed the dns bind 9 in myhost and set basic configuration via
> the system-config-bind GUI. My configuration file specific to my
> setup there is:
>
> cat lab.maxiscale.com.db
> $TTL 1H
> @       SOA     myhost.lab.company.com. root.myhost.lab.company.com. ( 2
>                 3H
>                 1H
>                 1W
>                 1H )
>         NS      myhost.lab.company.com.
> qaserver2       A       192.168.17.3
> qaserver1       A       192.168.17.1
> myhost          A       192.168.17.2
>
> =================
>
> The rest of the DNS/Bind records were based upon the auto-generated
> files from the Bind GUI Config tool.
>
> 3. I also changed myhost's resolv.conf to reflect the following:
>
> search lab.mycompany.com
> 192.168.17.2
> search mycompany.com
> 10.100.1.2
>
what's this? should be:

search lab.mycompany.com mycompany.com
nameserver 192.168.17.2
nameserver 10.100.1.2

> ======
>
> PROBLEM:
>
> 1. When I am in myhost.com, I can perform:
> a. nslookup hostname (to any host within 192.168.x and 10.100.x networks)
> b. nslookup ip to any host within both networks.
>
> 2. When I am in one of the hosts within 192.168.x aside from
> myhost.com (for example, qaserver1 or qaserver2):
>
> a: SUCCESS to nslookup hostname to any host within BOTH networks.
> b. FAILS to nslookup ip (reverse nslookup) to any host within the
> 10.100.x network.
>
you did not create the reverse zone. the zone file should contain
something like

$TTL 1H
@       SOA     myhost.lab.company.com. root.myhost.lab.company.com. (
                2       ; serial
                3H      ; refresh
                1H      ; retry
                1W      ; expire
                1H )    ; negative-cache TTL
        NS      myhost.lab.company.com.
3       IN PTR  qaserver2.lab.company.com.
1       IN PTR  qaserver1.lab.company.com.
2       IN PTR  myhost.lab.company.com.

WARNING. don't forget the trailing dot (...lab.company.com. with a dot
at the end).

you must tell your bind that it is authoritative for this zone. so in
named.conf, add

zone "17.168.192.IN-ADDR.ARPA" {
    type master;
    file "192.168.17.db";
};

where 192.168.17.db is the name of the zone file.

A good reference for DNS is
http://www.zytrax.com/books/dns/
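
Added example (not part of the original post, and not code from the BIND project): a Python check that derives the expected PTR records from the forward A records quoted above and reports reverse-zone entries that disagree, including a target that lost its trailing dot. The origin lab.company.com., the /24 zone boundary and the REVERSE sample are assumptions constructed for illustration.

```python
import ipaddress
ORIGIN = "lab.company.com."  # assumed origin of the forward zone
NETWORK = ipaddress.ip_network("192.168.17.0/24")
# FORWARD: A records quoted in the thread. REVERSE: constructed sample
# with two deliberate mistakes (owners 1 and 2).
FORWARD = """
qaserver2 A 192.168.17.3
qaserver1 A 192.168.17.1
myhost A 192.168.17.2
"""
REVERSE = """
3 IN PTR qaserver2.lab.company.com.
1 IN PTR qaserver2.lab.company.com.
2 IN PTR myhost.lab.company.com
"""

def records(text, rtype):
    """Yield (owner, rdata) from lines shaped 'owner [IN] RTYPE rdata'."""
    for line in text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) >= 3 and fields[-2] == rtype:
            yield fields[0], fields[-1]

def absolute(name, origin):
    """BIND appends the zone origin to any name that lacks a trailing dot."""
    return name if name.endswith(".") else f"{name}.{origin}"

def reverse_origin(net):
    """192.168.17.0/24 -> '17.168.192.in-addr.arpa.' (only /24 is handled)."""
    if net.prefixlen != 24:
        raise ValueError("only /24 networks are handled")
    return ".".join(reversed(str(net.network_address).split(".")[:3])) + ".in-addr.arpa."

def expected_ptrs(forward, origin, net):
    """Map last octet -> FQDN for every forward A record inside the /24."""
    out = {}
    for owner, addr in records(forward, "A"):
        if ipaddress.ip_address(addr) in net:
            out[addr.rsplit(".", 1)[1]] = absolute(owner, origin)
    return out

def audit(forward, reverse, origin, net):
    """List PTR records that are missing or disagree with the forward zone."""
    rorigin, problems = reverse_origin(net), []
    have = {o: absolute(t, rorigin) for o, t in records(reverse, "PTR")}
    for octet, fqdn in sorted(expected_ptrs(forward, origin, net).items()):
        if have.get(octet) != fqdn:
            problems.append(f"{octet}.{rorigin} -> {have.get(octet)} (expected {fqdn})")
    return problems
```

Calling audit(FORWARD, REVERSE, ORIGIN, NETWORK) returns one line per bad record; the entry for owner 2 shows the reverse-zone origin appended to the target, which is what a missing trailing dot produces.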