Zone settings in BIND are not loaded correctly

Asked 2 years ago, Updated 2 years ago, 415 views

We built a DNS server by creating a ZONE configuration file similar to the following as test.local, test.local.rev.

However, if you look at the journalctl and see that these files are not loaded properly, you will see.
Could you tell me exactly what is wrong with the ZONE setting?

test.local

$TTL86400

@   IN SOA center01.test.local.(
                    2020020501;serial
                    28800; refresh
                    14400;retry
                    3600000;expire
                    86400); minimum
    INNScent01.test.local.
cent01.test.local.INA 1.4.7.31
center02.test.local.INA 1.4.7.32

test.local.rev

$TTL86400
@   IN SOA center01.test.local.(
                    2020020501;serial
                    28800; refresh
                    14400;retry
                    3600000;expire
                    86400); minimum
    INNScent01.test.local.
1.4.7.31 INPTR center01.test.local
1.4.7.32 INPTR center02.test.local

Add
If you change the settings below, the DNS server appears to be working properly.If you check with named-checkzone, it says OK.I put root.test.local. However, if you try nslookup 1.4.7.31 from another PC to the DNS server, **server can't find 31.4.7.1.in-addr.arpa.: NXDOMAIN will be displayed.The actual IP present is 1.4.7.31. On the contrary, if you try nslookup cent01.test.local, the name resolution will be correct, and if you try nslookup cent01, you will receive the following error: ** server can't find center01:NXDOMAIN I think this is the expected behavior. Could you tell me why you can't do reverse drawing well?

test.local

$TTL86400

@   IN SOA center01.test.local.root.test.local.(
                    2020020501;serial
                    28800; refresh
                    14400;retry
                    3600000;expire
                    86400); minimum
    INNScent01.test.local.
cent01.test.local.INA 1.4.7.31
center02.test.local.INA 1.4.7.32

test.local.rev

$TTL86400
@   IN SOA center01.test.local.root.test.local.(
                    2020020501;serial
                    28800; refresh
                    14400;retry
                    3600000;expire
                    86400); minimum
    INNScent01.test.local.
1.4.7.31 INPTR center01.test.local
1.4.7.32 INPTR center02.test.local

The named.conf is as follows.

options{
    listen-on port 53 {1.4.7.34;};
    # listen-on-v6 port53 {::1;};
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recurring-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    allow-query {1.4.7.0/24;};

    /* 
     - If you are building an AUTHORITIVE DNS server, do NOT enable recovery.
     - If you are building a RECURSIVE (caching) DNS server, you need to enable 
       recovery. 
     - If your recurring DNS server has a public IP address, you MUST enable access 
       control to limit queries to your legacy users. Failing to do so will
       cause your server to become part of large scale DNS amplification 
       attacks.Implementing BCP38 with your network would be great
       reduce Such attack surface 
    */
    recurrence yes;

    dnssec-enable yes;
    dnssec-validation yes;

    /* Path to ISC DLV key*/
    bindkeys-file "/etc/named.root.key";

    managed-keys-directory "/var/named/dynamic";

    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "test.local" IN {
    type master;
    file "test.local";
};

zone "zone.rev" {
    type master;
    file "test.local.rev";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

centos dns

2022-09-30 21:50

1 Answers

named-checkzone results in an error.
SOA is missing.
It should be SOA DNS server email address (replaced @ with .) 

 (example)
@   IN SOA center01.test.local.root.test.local.(

(July 3, 2020 23:12) Add

Reverse subtraction adds a special domain called in-addr.arpa..
IPv4 addresses A.B.C.D correspond in reverse order to D.C.B.A.in-addr.arpa..
The zone with network address 1.4.7.0/24 is described as follows:

 (named.conf)
zone "7.4.1.in-addr.arpa" {
        type master;
        file "test.local.rev";
};

Also, test.local.rev should only contain the fourth octet or write all of it up to in-addr.arpa.

 (test.local.rev)
31 INPTR center01.test.local.
32 INPTR center02.test.local.

    or
31.7.4.1.in-addr.arpa.INPTRcent01.test.local.
32.7.4.1.in-addr.arpa.INPTRcent02.test.local.

2022-09-30 21:50

If you have any answers or tips

Popular Tags
python x 4647
android x 1593
java x 1494
javascript x 1427
c x 927
c++ x 878
ruby-on-rails x 696
php x 692
python3 x 685
html x 656
Popular Questions

572 rails db:create error: Could not find mysql2-0.5.4 in any of the sources

617 Uncaught (inpromise) Error on Electron: An object could not be cloned

911 When building Fast API+Uvicorn environment with PyInstaller, console=False results in an error

610 GDB gets version error when attempting to debug with the Presense SDK (IDE)

574 Who developed the "avformat-59.dll" that comes with FFmpeg?

© 2024 OneMinuteCode. All rights reserved.