DNS reverse lookup for 10.* fails


I am trying to set up NSD and Unbound to handle internal DNS.

I have everything working for forward lookups, but reverse lookups are failing.

I'm not sure what to do next, but looking at the dig (reverse) response, it has something to do with my specification of the reverse zone.

"10.in-addr.arpa" vs "57.142.10.in-addr.arpa"

Please see the dig output and configuration files below.

Dig forward (working):

dig pc01.example.com.au

; <<>> DiG 9.8.3-P1 <<>> pc01.example.com.au
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2821
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;pc01.example.com.au.         IN      A

;; ANSWER SECTION:
pc01.example.com.au. 79883    IN      A       10.142.57.50

;; AUTHORITY SECTION:
example.com.au.       79755   IN      NS      ns1.example.com.au.

;; ADDITIONAL SECTION:
ns1.example.com.au.   79755   IN      A       10.142.57.1

;; Query time: 0 msec
;; SERVER: 10.142.57.1#53(10.142.57.1)
;; WHEN: Tue Nov  1 12:36:38 2016
;; MSG SIZE  rcvd: 91

Dig reverse (not working):

dig -x 10.142.57.50

; <<>> DiG 9.8.3-P1 <<>> -x 10.142.57.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24368
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;50.57.142.10.in-addr.arpa.     IN      PTR

;; AUTHORITY SECTION:
10.in-addr.arpa.        10800   IN      SOA     localhost. nobody.invalid. 1 3600 1200 604800 10800

;; Query time: 1 msec
;; SERVER: 10.142.57.1#53(10.142.57.1)
;; WHEN: Tue Nov  1 12:38:25 2016
;; MSG SIZE  rcvd: 102

unbound.conf:

server:
        interface: 10.142.57.1
        interface: 127.0.0.1

        access-control: 0.0.0.0/0 refuse
        access-control: 10.142.57.0/24 allow
        access-control: 127.0.0.0/8 allow

        do-not-query-localhost: no
        hide-identity: yes
        hide-version: yes
        do-ip6: no

        auto-trust-anchor-file: "/var/unbound/etc/root.key"
        root-hints: "/var/unbound/etc/named.cache"

        local-zone: "57.142.10.in-addr.arpa." nodefault

        verbosity: 1

remote-control:
        control-enable: yes
        control-interface: 127.0.0.1

stub-zone:
        name: "example.com.au"
        stub-addr: 127.0.0.1@8053

stub-zone:
        name: "57.142.10.in-addr.arpa."
        stub-addr: 127.0.0.1@8053

nsd.conf:

server:

    server-count: 1 # use this number of cpu cores
    database: "/var/nsd/db/nsd.db"
    zonelistfile: "/var/nsd/db/zone.list"
    username: _nsd
    logfile: "/var/log/nsd.log"
    pidfile: "/var/nsd/run/nsd.pid"
    xfrdfile: "/var/nsd/run/xfrd.state"
    ip-address: 127.0.0.1
    port: 8053

remote-control:
    control-enable: yes

zone:
    name: example.com.au
    zonefile: example.com.au.forward

zone:
    name: 57.142.10.in-addr.arpa
    zonefile: example.com.au.reverse

example.com.au.forward:

$ORIGIN example.com.au.
$TTL 86400
;
@ IN SOA ns1.example.com.au. example.com.au. (
           2016110102  ; serial number
           28800       ; Refresh
           7200        ; Retry
           864000      ; Expire
           86400       ; Min TTL
           )
           IN     NS   ns1.example.com.au.
;
ns1      IN     A    10.142.57.1
pc01     IN     A    10.142.57.50
pc02     IN     A    10.142.57.51
server01 IN     A    10.142.57.254

example.com.au.reverse:

$ORIGIN 57.142.10.in-addr.arpa.
$TTL 86400
;
@ IN SOA ns1.example.com.au. admin.example.com.au. (
           2016110102  ; serial number
           28800       ; Refresh
           7200        ; Retry
           864000      ; Expire
           86400       ; Min TTL
           )
    IN NS ns1.example.com.au.
;
1   PTR ns1.example.com.au.
50  PTR pc01.example.com.au.
51  PTR pc02.example.com.au.
254 PTR server01.example.com.au.
    
by Adz 01.11.2016 / 05:46

0 answers