[cobalt-users] More reverse DNS issues.
- Subject: [cobalt-users] More reverse DNS issues.
- From: john_galt@xxxxxxx
- Date: Fri Oct 11 08:19:01 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
How do you make secondary name server records for reverse DNS zones?
Background:
We have a RaQ-2 if that matters.
Our ISP (uunet/worldcom) uses non-RFC2317 zone names for reverse DNS. They don't have the "/nn" in their zone names. I found a file in /etc called cobaltdns.conf (I found out about this file searching through the archives here) which appears to have the formats for the reverse DNS records in it. I also found a file called cobaltdns.OCN-JT. This cobaltdns.OCN-JT seems to have the correct formats for the style of reverse DNS records that UUnet uses. So I copied cobaltdns.OCN-JT over cobaltdns.conf. Once I did this my reverse DNS records all looked good.
The problem:
Then, it came time to add secondary name server records for the reverse zone. When I did this, all hell broke loose. The results were seriously FUBAR. I went in to the GUI and added a NS record for our reverse DNS zone. For the purpose of this message, let's say our subnet is 63.80.63.80/28 (a 255.255.255.240 subnet mask). Our actual addresses are slightly different, but we have the same subnet mask.
So, when I created the NS record, I used 80.63.80.63.in-addr.arpa for the domain name and I pointed it to the name server auth20.ns.wcom.com. I also entered a second NS record for the same domain pointing to the name server auth10.ns.wcom.com.
Here's the files that the GUI built after this change:
-- /etc/named.boot ---------------------------------------------------
directory /etc/named
cache . db.cache
primary double-envelope.com pri.double-envelope.com
primary 80.63.80.63.in-addr.arpa pri.80.63.80.63.in-addr.arpa
primary 80.63.80.63.in-addr.arpa pri.80-28.63.80.63.in-addr.arpa
primary 0.0.127.in-addr.arpa pri.0.0.127.in-addr.arpa
-------------------------------------------- end /etc/named.boot -----
-- /etc/named.conf ---------------------------------------------------
options { directory "/etc/named"; };
zone "." { type hint; file "db.cache"; };
zone "double-envelope.com" { type master; file "pri.double-envelope.com"; };
zone "80.63.80.63.in-addr.arpa" { type master; file "pri.80.63.80.63.in-addr.arpa"; };
zone "80.63.80.63.in-addr.arpa" { type master; file "pri.80-28.63.80.63.in-addr.arpa"; };
zone "0.0.127.in-addr.arpa" { type master; file "pri.0.0.127.in-addr.arpa"; };
[root /etc]#
-------------------------------------------- end /etc/named.conf -----
-- /etc/named/pri.80.63.80.63.in-addr.arpa ---------------------------
@ IN SOA ns.ourdomain.com. root.ns.ourdomain.com. ( 2002101111 10800 3600 604800 86400 )
IN NS ns.ourdomain.com.
IN NS auth20.ns.wcom.com.
IN NS auth10.ns.wcom.com.
-------------------- end /etc/named/pri.80.63.80.63.in-addr.arpa -----
-- /etc/named/pri.80-28.63.80.63.in-addr.arpa ------------------------
@ IN SOA ns.ourdomain.com. root.ns.ourdomain.com. ( 2002101109 10800 3600 604800 86400 )
IN NS ns.ourdomain.com.
83 in ptr ns.ourdomain.com.
84 in ptr mail.ourdomain.com.
82 in ptr fw.ourdomain.com.
----------------- end /etc/named/pri.80-28.63.80.63.in-addr.arpa -----
-- /etc/named/records ------------------------------------------------
a fw ourdomain.com 63.80.63.82 24
ptr ns ourdomain.com 63.80.63.83 28
a ns ourdomain.com 63.80.63.83 28
ptr mail ourdomain.com 63.80.63.84 28
ns - 80.63.80.63.in-addr.arpa - auth20.ns.wcom.com
ptr fw ourdomain.com 63.80.63.82 28
ns - ourdomain.com - auth20.ns.wcom.com
a mail ourdomain.com 63.80.63.84 28
a - ourdomain.com 63.80.63.82 24
mx - ourdomain.com High fw.ourdomain.com
ns - ourdomain.com - auth10.ns.wcom.com
ns - 80.63.80.63.in-addr.arpa - auth10.ns.wcom.com
----------------------------------------- end /etc/named/records -----
This is horrible!!!! It doesn't work at all!!!!
This is what the named configuration files had after saving from the GUI. The name server was only showing NS records when I queried it for a zone transfer on 80.63.80.63.in-addr.arpa, it wasn't responding with any of the PTR records for the 3 hosts in the zone.
I had to go in through telnet to clean up the /etc/named.conf and /etc/named.boot files so that there was only one entry for the 80.63.80.63.in-addr.arpa zone, and I added the two name server records to the /etc/named/pri.80-28.63.80.63.in-addr.arpa file, and deleted the erroneous pri.80.63.80.63.in-addr.arpa file.
Is it even possible to maintain secondary name server records for the reverse zones through the GUI? Or will I always have to go in and manually fix up what the GUI makes FUBAR when I have secondary servers for my reverse zones?
/etc/named/records looks pretty good. It's pretty close to what I would expect there. But why did it build two different incomplete files for the reverse zone? And why did it make two entries for the same identical reverse zone in named.boot and named.conf?
--
Who is John Galt?
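
The split described in the message can be checked for mechanically before named is reloaded. The following is an added example, not part of the original post and not Cobalt's code: it scans a named.conf for zone names declared more than once and reports which record types each of the competing zone files holds. The function names are hypothetical, and the sample input is constructed from the listings quoted above.

```python
import re
from collections import Counter, defaultdict

# Constructed sample input, copied from the listings in the post above.
NAMED_CONF = """
options { directory "/etc/named"; };
zone "." { type hint; file "db.cache"; };
zone "double-envelope.com" { type master; file "pri.double-envelope.com"; };
zone "80.63.80.63.in-addr.arpa" { type master; file "pri.80.63.80.63.in-addr.arpa"; };
zone "80.63.80.63.in-addr.arpa" { type master; file "pri.80-28.63.80.63.in-addr.arpa"; };
zone "0.0.127.in-addr.arpa" { type master; file "pri.0.0.127.in-addr.arpa"; };
"""
SOA = "@ IN SOA ns.ourdomain.com. root.ns.ourdomain.com. ( %s 10800 3600 604800 86400 )\n"
ZONE_FILES = {
    "pri.80.63.80.63.in-addr.arpa": SOA % "2002101111"
        + " IN NS ns.ourdomain.com.\n IN NS auth20.ns.wcom.com.\n IN NS auth10.ns.wcom.com.\n",
    "pri.80-28.63.80.63.in-addr.arpa": SOA % "2002101109"
        + " IN NS ns.ourdomain.com.\n83 in ptr ns.ourdomain.com.\n"
        + "84 in ptr mail.ourdomain.com.\n82 in ptr fw.ourdomain.com.\n",
}

ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s*\{[^}]*?\bfile\s+"([^"]+)"', re.I | re.S)
RR_RE = re.compile(r'\bIN\s+(SOA|NS|PTR)\b', re.I)

def duplicate_zones(conf_text):
    """Map each zone name declared more than once to its list of zone files."""
    files = defaultdict(list)
    for name, path in ZONE_RE.findall(conf_text):
        files[name.lower().rstrip(".") or "."].append(path)
    return {zone: paths for zone, paths in files.items() if len(paths) > 1}

def record_counts(zone_text):
    """Count SOA/NS/PTR records in a zone file, ignoring ';' comments."""
    counts = Counter()
    for line in zone_text.splitlines():
        match = RR_RE.search(line.split(";", 1)[0])
        if match:
            counts[match.group(1).upper()] += 1
    return dict(counts)

def split_zone_report(conf_text, zone_files):
    """For every duplicated zone, show which record types each file holds."""
    return {zone: {path: record_counts(zone_files.get(path, "")) for path in paths}
            for zone, paths in duplicate_zones(conf_text).items()}

if __name__ == "__main__":
    for zone, files in split_zone_report(NAMED_CONF, ZONE_FILES).items():
        print("duplicate zone:", zone)
        for path, counts in files.items():
            print("   ", path, counts)
```

On the sample input the report shows one file holding all three NS records and the other holding the three PTR records, which is the split the poster repaired by hand.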