Tuesday, June 9, 2009

Sample Reverse Zone File


Now you need to make sure that you can do a host query on all your home network's PCs and get their correct IP addresses. This is very important if you are running a mail server on your network, because sendmail typically relays mail only from hosts whose IP addresses resolve correctly in DNS. NFS, which is used in network-based file access, also requires valid reverse lookup capabilities.

This is an example of a zone file for the 192.168.1.x network. The entries in the first column are relative names that named appends to the zone's origin, 1.168.192.in-addr.arpa, so each one holds only the last octet of the IP address; the entry 100 therefore maps the IP address 192.168.1.100 to the name bigboy.my-site.com.

Notice that the main difference between forward and reverse zone files is that, apart from the SOA, the reverse zone file has only NS and PTR records. Also, PTR records cannot have CNAME aliases.

;
; Filename: 192-168-1.zone
;
; Zone file for 192.168.1.x (origin 1.168.192.in-addr.arpa)
;
$TTL 3D
@ IN SOA www.my-site.com. hostmaster.my-site.com. (
        200303301 ; serial number
        8H        ; refresh
        2H        ; retry
        4W        ; expire
        1D )      ; minimum (negative caching TTL)

; Nameserver for this zone. The trailing dot is required: a relative name
; such as "www" would have the reverse origin appended and resolve to
; www.1.168.192.in-addr.arpa, which does not exist.
  NS www.my-site.com.

; Static hosts: owner name is the last octet of the address
100 PTR bigboy.my-site.com.
103 PTR smallfry.my-site.com.
102 PTR ochorios.my-site.com.
105 PTR reggae.my-site.com.

; DHCP pool 192.168.1.32 - 192.168.1.36
32 PTR dhcp-192-168-1-32.my-site.com.
33 PTR dhcp-192-168-1-33.my-site.com.
34 PTR dhcp-192-168-1-34.my-site.com.
35 PTR dhcp-192-168-1-35.my-site.com.
36 PTR dhcp-192-168-1-36.my-site.com.

I included entries for addresses 192.168.1.32 to 192.168.1.36, which are the addresses the DHCP server issues. SMTP mail relay wouldn't work for PCs that get their IP addresses via DHCP if these lines weren't included.
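The sendmail and NFS checks mentioned above only pass when the forward and reverse zones agree: the name a PTR returns must itself have an A record pointing back at the same address, and every address in the pool needs a PTR. The following Python script, added here as an example and not part of the original post, generates the PTR lines for a /24 reverse zone from a forward zone's A records (showing how the last-octet owner names come from the origin 1.168.192.in-addr.arpa) and checks an existing reverse zone against the forward zone. The forward zone text is constructed for the example, and the reverse zone is the one above with one extra PTR (104, laptop) and one extra A record (printer, .200) deliberately added so the checker has mismatches to report. The simple one-record-per-line parsing assumed here ignores $ORIGIN and $INCLUDE.

```python
"""Forward/reverse zone consistency helper (added example, not from the post)."""
import ipaddress
import re

FORWARD_ORIGIN = "my-site.com."
REVERSE_ORIGIN = "1.168.192.in-addr.arpa."

# Constructed forward-zone fragment: A records for the hosts the reverse zone
# names, the DHCP pool, and one host (printer) that has no PTR on purpose.
FORWARD_ZONE = """\
$TTL 3D
@   IN SOA www.my-site.com. hostmaster.my-site.com. ( 200303301 8H 2H 4W 1D )
    IN NS  www.my-site.com.
bigboy   IN A 192.168.1.100
www      IN A 192.168.1.100
ochorios IN A 192.168.1.102
smallfry IN A 192.168.1.103
reggae   IN A 192.168.1.105
printer  IN A 192.168.1.200
dhcp-192-168-1-32 IN A 192.168.1.32
dhcp-192-168-1-33 IN A 192.168.1.33
dhcp-192-168-1-34 IN A 192.168.1.34
dhcp-192-168-1-35 IN A 192.168.1.35
dhcp-192-168-1-36 IN A 192.168.1.36
"""

# The post's reverse zone plus a constructed PTR (104 -> laptop) whose target
# has no A record, so the forward-confirmation failure is visible.
REVERSE_ZONE = """\
$TTL 3D
@ IN SOA www.my-site.com. hostmaster.my-site.com. ( 200303301 8H 2H 4W 1D )
  NS www.my-site.com.
100 PTR bigboy.my-site.com.
103 PTR smallfry.my-site.com.
102 PTR ochorios.my-site.com.
105 PTR reggae.my-site.com.
104 PTR laptop.my-site.com.
32 PTR dhcp-192-168-1-32.my-site.com.
33 PTR dhcp-192-168-1-33.my-site.com.
34 PTR dhcp-192-168-1-34.my-site.com.
35 PTR dhcp-192-168-1-35.my-site.com.
36 PTR dhcp-192-168-1-36.my-site.com.
"""

# owner (may be blank = inherit), optional TTL, optional class, type A or PTR, rdata
RECORD_RE = re.compile(r"^(\S*)\s+(?:\d+[SMHDW]?\s+)?(?:IN\s+)?(A|PTR)\s+(\S+)", re.I)


def qualify(name, origin):
    """Turn a zone-file name into an FQDN the way named does with its origin."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return f"{name}.{origin}"


def parse_zone(text, origin):
    """Return (owner_fqdn, rtype, rdata) for the A and PTR records in zone text.
    A blank owner field inherits the previous owner, as in BIND."""
    records, owner = [], origin
    for line in text.splitlines():
        m = RECORD_RE.match(line.split(";", 1)[0].rstrip())  # drop comments
        if not m:
            continue
        if m.group(1):
            owner = qualify(m.group(1), origin)
        rtype, rdata = m.group(2).upper(), m.group(3)
        if rtype == "PTR":
            rdata = qualify(rdata, origin)
        records.append((owner, rtype, rdata))
    return records


def reverse_owner(ip, reverse_origin=REVERSE_ORIGIN):
    """PTR owner name for ip relative to the reverse zone's origin,
    e.g. 192.168.1.100 -> '100' inside 1.168.192.in-addr.arpa."""
    full = ipaddress.ip_address(ip).reverse_pointer + "."
    suffix = "." + reverse_origin
    if not full.endswith(suffix):
        raise ValueError(f"{ip} is outside {reverse_origin}")
    return full[: -len(suffix)]


def build_reverse_records(forward_text, forward_origin=FORWARD_ORIGIN,
                          reverse_origin=REVERSE_ORIGIN):
    """PTR lines for every A record inside the reverse zone, one per address.
    The first name seen wins (bigboy, not its www alias, for .100): a mailer
    checks the single name the PTR returns, so pick the canonical one."""
    chosen = {}
    for owner, rtype, rdata in parse_zone(forward_text, forward_origin):
        if rtype != "A":
            continue
        try:
            rel = reverse_owner(rdata, reverse_origin)
        except ValueError:
            continue  # address not in this reverse zone
        chosen.setdefault(ipaddress.ip_address(rdata), (rel, owner))
    return [f"{rel} PTR {name}" for _, (rel, name) in sorted(chosen.items())]


def check_consistency(forward_text, reverse_text, forward_origin=FORWARD_ORIGIN,
                      reverse_origin=REVERSE_ORIGIN):
    """Report the mismatches a relay or NFS reverse check would trip over:
    a PTR whose target has no A record back to that address, and an in-zone
    A record with no PTR at all."""
    a_by_ip = {}
    for owner, rtype, rdata in parse_zone(forward_text, forward_origin):
        if rtype == "A":
            a_by_ip.setdefault(rdata, set()).add(owner)
    problems, ptr_ips = [], set()
    for owner, rtype, target in parse_zone(reverse_text, reverse_origin):
        if rtype != "PTR" or not owner.endswith(".in-addr.arpa."):
            continue
        labels = owner[: -len(".in-addr.arpa.")].split(".")  # 100.1.168.192
        ip = ".".join(reversed(labels))                       # 192.168.1.100
        ptr_ips.add(ip)
        if target not in a_by_ip.get(ip, set()):
            problems.append(f"PTR {ip} -> {target} but {target} has no A record for {ip}")
    for ip, names in a_by_ip.items():
        if ip in ptr_ips:
            continue
        try:
            reverse_owner(ip, reverse_origin)
        except ValueError:
            continue  # outside this reverse zone, nothing to check
        problems.append(f"{ip} ({', '.join(sorted(names))}) has no PTR record")
    return problems


if __name__ == "__main__":
    print("\n".join(build_reverse_records(FORWARD_ZONE)))
    for p in check_consistency(FORWARD_ZONE, REVERSE_ZONE):
        print("PROBLEM:", p)
```

Run it as-is to see the generated PTR lines followed by the two constructed mismatches (laptop has no A record; printer has no PTR). Point it at your own zone files and an empty problem list means the forward and reverse data agree for every address in the 192.168.1.x range.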

You may also want to create a reverse zone file for the public NAT IP addresses of your home network. Unfortunately, ISPs won't usually delegate reverse DNS to anyone with less than a Class C block of 256 IP addresses. Most home DSL sites wouldn't qualify.

Loading Your New Configuration Files

Make sure your configuration files are in the correct locations and that the serial numbers of any zone files you modified have been incremented. If all seems correct, restart the BIND named daemon for the configuration to become active.

[root@bigboy tmp]# /etc/init.d/named restart

Take a look at the end of your /var/log/messages file to make sure there are no errors.
