Re: [Dnsmasq-discuss] Reverse lookups not working in authoritative mode

Wed, 12 Mar 2014 02:33:34 -0700 

Le 12/03/2014 09:04, Franco Broi a écrit :

On Wed, 2014-03-12 at 08:55 +0100, Albert ARIBAUD wrote:

Hi Franco,

Le 12/03/2014 04:39, Franco Broi a écrit :

Hi

I just configured my dnsmasq server to be authoritative but now reverse
lookups don't work. With debug turned on I can see that the address is
resolved and with strace I can even see the resolved hostname being sent
in sendmsg but the machine doing the query says  not found: 3(NXDOMAIN).
If I remove the auth-server option it works as expected.

My configuration is minimal:

domain=aus.abc.com
auth-server=perth1.aus.abc.com,eth0
auth-zone=aus.abc.com,10.150.32.0/20

[franco@tc1 ~]$ host 10.150.35.105 perth1
Using domain server:
Name: perth1
Address: 10.150.35.111#53
Aliases:

Host 105.35.150.10.in-addr.arpa. not found: 3(NXDOMAIN)


Rather than 'host', try using 'dig' and see what server answered the
request (comment at the end of the dig output). Either it is perth1, and
you will have to investigate further, or it is e.g. a local DNS on
franco, which forwards to perth1 (and does something weird regarding
aythoritative answers) and you'll have to investigate that other NS.


Dig works, and it's perth1 listed as the server:

[franco@tc1 ~]$ dig -x 10.150.35.105 @perth1

; <<>> DiG 9.9.4-P2-RedHat-9.9.4-11.P2.fc20 <<>> -x 10.150.35.105 @perth1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51432
;; flags: qr aa rd ad; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;105.35.150.10.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
105.35.150.10.in-addr.arpa. 600 IN      PTR     mds1.aus.abc.com.

;; AUTHORITY SECTION:
150.10.in-addr.arpa.    600     IN      NS      perth1.aus.abc.com.

;; Query time: 0 msec
;; SERVER: 10.150.35.111#53(10.150.35.111)
;; WHEN: Wed Mar 12 16:00:54 WST 2014
;; MSG SIZE  rcvd: 125
Ok -- so next step is to ask an independent observer what is going on both with and without auth-server. Can you run Wireshark on Franco ? 

Amicalement,
--
Albert.

_______________________________________________
Dnsmasq-discuss mailing list
[email protected]
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to