Maintained by: NLnet Labs

[Unbound-users] reverse lookup stub zone

Ihsan Dogan
Sun May 17 12:18:19 CEST 2009


Am 16.5.2009 18:48 Uhr, Paul Wouters schrieb:

>> >> I've set up extra stub zone in my unbound configuration. While the
>> >> forward lookup works fine, the reverse look up does not work.
>> >>
>> >> This is what I've specified in my unbound.conf:
>> >> stub-zone:
>> >>     name: "42.168.192.in-addr.arpa"
>> >>     stub-addr: "192.168.42.3"
>> >>
>> >> Do I have to specify the entry for 42.168.192.in-addr.arpa differently
>> >> or did I made some other mistake?
> >
> > That should work fine. Though I personally like to add trailing dots
> > everywhere to ensure all the software takes the name as FQDN.

Do you mean .42.168.192.in-addr.arpa instead of 42.168.192.in-addr.arpa?

> > Are you sure the authoritative nameserver is working? can you try:
> >
> > dig -t ns 42.168.192.in-addr.arpa. @192.168.42.3

Yes, it works correctly:
ihsan at kraftbuech:~$ dig -t ns 42.168.192.in-addr.arpa. @192.168.42.3

; <<>> DiG 9.4.3-P1 <<>> -t ns 42.168.192.in-addr.arpa. @192.168.42.3
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24447
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;42.168.192.in-addr.arpa.	IN	NS

;; ANSWER SECTION:
42.168.192.in-addr.arpa. 3600	IN	NS	ns.lan.dogan.ch.

;; ADDITIONAL SECTION:
ns.lan.dogan.ch.	3600	IN	A	192.168.42.2

;; Query time: 1 msec
;; SERVER: 192.168.42.3#53(192.168.42.3)
;; WHEN: Sun May 17 12:05:57 2009
;; MSG SIZE  rcvd: 86

But if send the query to the Unbound resolver, I don't get an answer:
ihsan at kraftbuech:~$ dig -t ns 42.168.192.in-addr.arpa. @192.168.42.2

; <<>> DiG 9.4.3-P1 <<>> -t ns 42.168.192.in-addr.arpa. @192.168.42.2
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57169
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.168.192.in-addr.arpa.	IN	NS

;; AUTHORITY SECTION:
168.192.in-addr.arpa.	10800	IN	SOA	localhost. nobody.invalid. 1 3600
1200 604800 10800

;; Query time: 5 msec
;; SERVER: 192.168.42.2#53(192.168.42.2)
;; WHEN: Sun May 17 12:05:54 2009
;; MSG SIZE  rcvd: 100



Ihsan
-- 
ihsan at dogan.ch http://blog.dogan.ch/