Hi,
This post is very short but perhaps very useful: there is less documentation about this on the Internet than you would expect.
Objective:
a) Make reverse DNS and forward DNS match for a /24 in BIND9 using $GENERATE.
Requirements:
- A /24 network (of course, you can adapt the example to other networks)
- BIND9
- We will use A and PTR records
Example:
Network: 192.168.30.0/24
Domain: example.com
Let's make the rDNS for 192.168.30.X resolve to X.client.example.com.
Similarly, X.client.example.com should resolve to 192.168.30.X.
It would be like this:
192.168.30.1 ---> 1.client.example.com
192.168.30.2 ---> 2.client.example.com
192.168.30.3 ---> 3.client.example.com
1.client.example.com ---> 192.168.30.1
2.client.example.com ---> 192.168.30.2
3.client.example.com ---> 192.168.30.3
(Etc)
Steps:
We declare the reverse zone in /etc/bind/named.conf (on Debian-based systems this normally goes in /etc/bind/named.conf.local, which named.conf includes).
a) The reverse zone:
zone "30.168.192.in-addr.arpa" {
type master;
file "30.168.192.in-addr.arpa.db";
allow-query { any; };
};
Then put the following in the file 30.168.192.in-addr.arpa.db:
$TTL 86400 ; 24 hours, could have been written as 24h or 1d
@ 1D IN SOA localhost. hostmaster.example.com. (
2002022401 ; serial
3H ; refresh
15 ; retry
1w ; expire
3h ; minimum
)
; Name server for the zone - out-of-zone, so no A RR is required here.
; The owner must be "@" (or leading whitespace): a bare "NS" at column 0 would be read as an owner name.
@ NS localhost.
; One PTR per host: 1.30.168.192.in-addr.arpa -> 1.client.example.com, ..., 255 -> 255.client.example.com.
; Use 1-254 instead if .255 is the broadcast address of the /24.
$GENERATE 1-255 $ PTR $.client.example.com.
b) The forward zone: declare a zone "client.example.com" in named.conf in the same way as the reverse zone (type master, pointing at its own zone file), and put the following in that zone file:
$TTL 86400 ; 24 hours, could have been written as 24h or 1d
@ 1D IN SOA localhost. hostmaster.example.com. (
2002022401 ; serial
3H ; refresh
15 ; retry
1w ; expire
3h ; minimum
)
; Name server for the zone - out-of-zone, so no A RR is required here.
@ NS localhost.
; This file is loaded with $ORIGIN client.example.com (the zone name from named.conf),
; so a bare "$" owner expands to 1.client.example.com ... 255.client.example.com.
; Do not put the zone name into the range: "1-255.client.example.com" is a syntax error.
$GENERATE 1-255 $ A 192.168.30.$
Testing (after reloading named; add @127.0.0.1 to query the local server directly):
# dig -x 192.168.30.3          (reverse DNS, should answer 3.client.example.com.)
# dig 3.client.example.com     (forward DNS, should answer 192.168.30.3)
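The dig commands check one address at a time. As an added example (not code from the original post), the following Python script expands the two $GENERATE lines the way BIND does, appending the zone origin to relative names, and then performs the forward-confirmed reverse DNS check over the whole /24: every PTR must point at a name whose A record is that same address, and every A must have a PTR back. The zone fragments and origins are constructed inline from the post; only the plain `$` form of $GENERATE is handled, not `${offset,width,base}`. A $GENERATE line whose range is not a bare number pair (the zone name written into the range instead of being supplied by $ORIGIN) is rejected rather than silently skipped.

```python
"""Expand BIND $GENERATE lines and check forward/reverse agreement.

Added example for this post (not the post's own code). Only the plain "$"
substitution of $GENERATE is handled, not the ${offset,width,base} form.
"""
import ipaddress
import re

# Constructed input, copied from the two zone files in the post (not pulled
# from a live server): the $GENERATE line of each file and the origin the
# file is loaded under, which BIND takes from the zone name in named.conf.
REVERSE_ORIGIN = "30.168.192.in-addr.arpa."
REVERSE_ZONE = "$GENERATE 1-255 $ PTR $.client.example.com.\n"
FORWARD_ORIGIN = "client.example.com."
FORWARD_ZONE = "$GENERATE 1-255 $ A 192.168.30.$\n"

# $GENERATE start-stop[/step] lhs [ttl] [class] type rhs [; comment]
GENERATE_RE = re.compile(
    r"^\$GENERATE\s+(\d+)-(\d+)(?:/(\d+))?\s+(\S+)\s+"
    r"(?:(?:IN|\d+[smhdw]?)\s+)*(A|PTR)\s+(\S+)\s*(?:;.*)?$",
    re.IGNORECASE,
)


def fqdn(name, origin):
    """Make a name absolute the way BIND does when loading a zone file:
    '@' is the origin, names ending in '.' stay, others get the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def expand_generate(zone_text, origin):
    """Return the (owner, type, rdata) records produced by the $GENERATE lines
    of a zone file, with all names absolute. Raises ValueError on a $GENERATE
    line whose range is not numeric (e.g. '1-255.client.example.com')."""
    records = []
    for line in zone_text.splitlines():
        line = line.strip()
        if not line.upper().startswith("$GENERATE"):
            continue
        m = GENERATE_RE.match(line)
        if not m:
            raise ValueError(f"malformed $GENERATE line: {line}")
        start, stop, step = int(m[1]), int(m[2]), int(m[3] or 1)
        rrtype = m[5].upper()
        for i in range(start, stop + 1, step):
            owner = fqdn(m[4].replace("$", str(i)), origin)
            rdata = m[6].replace("$", str(i))
            if rrtype == "PTR":  # PTR rdata is a name; A rdata is an address
                rdata = fqdn(rdata, origin)
            records.append((owner, rrtype, rdata))
    return records


def arpa_to_ip(owner):
    """'3.30.168.192.in-addr.arpa.' -> IPv4Address('192.168.30.3')"""
    base = owner.rstrip(".")
    suffix = ".in-addr.arpa"
    if base.endswith(suffix):
        base = base[: -len(suffix)]
    return ipaddress.ip_address(".".join(reversed(base.split("."))))


def check_fcrdns(forward_zone, forward_origin, reverse_zone, reverse_origin):
    """Forward-confirmed reverse DNS over the generated data. Returns a list of
    mismatch descriptions; an empty list means the two zones agree."""
    a = {o: ipaddress.ip_address(r)
         for o, t, r in expand_generate(forward_zone, forward_origin) if t == "A"}
    ptr = {arpa_to_ip(o): r
           for o, t, r in expand_generate(reverse_zone, reverse_origin) if t == "PTR"}
    problems = []
    for ip, name in ptr.items():
        if a.get(name) != ip:
            problems.append(f"PTR {ip} -> {name} but A {name} = {a.get(name)}")
    for name, ip in a.items():
        if ptr.get(ip) != name:
            problems.append(f"A {name} -> {ip} but PTR {ip} = {ptr.get(ip)}")
    return problems


if __name__ == "__main__":
    issues = check_fcrdns(FORWARD_ZONE, FORWARD_ORIGIN, REVERSE_ZONE, REVERSE_ORIGIN)
    print("forward and reverse zones agree" if not issues else "\n".join(issues))
```

On the real server, run `named-checkzone 30.168.192.in-addr.arpa 30.168.192.in-addr.arpa.db` (and the same for the forward zone) before reloading; it expands $GENERATE itself and reports syntax errors such as a malformed range that named would otherwise refuse to load.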
P.S. As usual, there is more than one way of doing this kind of thing.