[Dnsmasq-discuss] Reverse lookups not working in authoritative mode
albert.aribaud at free.fr
Wed Mar 12 09:30:59 UTC 2014
Le 12/03/2014 09:04, Franco Broi a écrit :
> On Wed, 2014-03-12 at 08:55 +0100, Albert ARIBAUD wrote:
>> Hi Franco,
>> Le 12/03/2014 04:39, Franco Broi a écrit :
>>> I just configured my dnsmasq server to be authoritative but now reverse
>>> lookups don't work. With debug turned on I can see that the address is
>>> resolved and with strace I can even see the resolved hostname being sent
>>> in sendmsg but the machine doing the query says not found: 3(NXDOMAIN).
>>> If I remove the auth-server option it works as expected.
>>> My configuration is minimal:
>>> [franco at tc1 ~]$ host 10.150.35.105 perth1
>>> Using domain server:
>>> Name: perth1
>>> Address: 10.150.35.111#53
>>> Host 126.96.36.199.in-addr.arpa. not found: 3(NXDOMAIN)
>> Rather than 'host', try using 'dig' and see what server answered the
>> request (comment at the end of the dig output). Either it is perth1, and
>> you will have to investigate further, or it is e.g. a local DNS on
>> franco, which forwards to perth1 (and does something weird regarding
>> aythoritative answers) and you'll have to investigate that other NS.
> Dig works, and it's perth1 listed as the server:
> [franco at tc1 ~]$ dig -x 10.150.35.105 @perth1
> ; <<>> DiG 9.9.4-P2-RedHat-9.9.4-11.P2.fc20 <<>> -x 10.150.35.105 @perth1
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51432
> ;; flags: qr aa rd ad; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
> ;; QUESTION SECTION:
> ;188.8.131.52.in-addr.arpa. IN PTR
> ;; ANSWER SECTION:
> 184.108.40.206.in-addr.arpa. 600 IN PTR mds1.aus.abc.com.
> ;; AUTHORITY SECTION:
> 150.10.in-addr.arpa. 600 IN NS perth1.aus.abc.com.
> ;; Query time: 0 msec
> ;; SERVER: 10.150.35.111#53(10.150.35.111)
> ;; WHEN: Wed Mar 12 16:00:54 WST 2014
> ;; MSG SIZE rcvd: 125
Ok -- so next step is to ask an independent observer what is going on
both with and without auth-server. Can you run Wireshark on Franco ?
More information about the Dnsmasq-discuss