[Dnsmasq-discuss] Reverse lookups not working in authoritative mode

Simon Kelley simon at thekelleys.org.uk
Wed Mar 12 10:45:29 UTC 2014


On 12/03/14 10:27, Franco Broi wrote:
> Not sure what you mean but dig -x works so maybe host doesn't understand the output of dnsmaq?
> 

It's quite possible that dig is sending the query to dnsmasq directly,
whilst dig is sending it to the recursive servers at your ISP, which are
seeing the "global" view of the DNS, and not the local records. Since
you're using authoritative mode, I assume you want these records to
appear for everyone, everywhere.

To do that for the reverse lookups, you need to have whoever owns the IP
space you're using install a record

35.150.10.in-addr.arpa. NS perth1.aus.abc.com

so that resolvers out on the internet know where to send the query.


BUT 10.150.32.0 is an RFC1918 reserved address, so there's no point in
putting records containing that address in the global internet. Why are
you using authoritative mode at all?

Cheers,

Simon.


> On 12 Mar 2014 18:11, Simon Kelley <simon at thekelleys.org.uk> wrote:
> Have you delegated 35.150.10.in-addr.arpa. to the machine running dnsmasq?
> 
> Simon.
> 
> 
> 
> On 12/03/14 03:39, Franco Broi wrote:
>> Hi
>>
>> I just configured my dnsmasq server to be authoritative but now reverse
>> lookups don't work. With debug turned on I can see that the address is
>> resolved and with strace I can even see the resolved hostname being sent
>> in sendmsg but the machine doing the query says  not found: 3(NXDOMAIN).
>> If I remove the auth-server option it works as expected.
>>
>> My configuration is minimal:
>>
>> domain=aus.abc.com
>> auth-server=perth1.aus.abc.com,eth0
>> auth-zone=aus.abc.com,10.150.32.0/20
>>
>> [franco at tc1 ~]$ host 10.150.35.105 perth1
>> Using domain server:
>> Name: perth1
>> Address: 10.150.35.111#53
>> Aliases:
>>
>> Host 105.35.150.10.in-addr.arpa. not found: 3(NXDOMAIN)
>>
>>
>> [root at perth1 src]# dnsmasq -d -q
>> dnsmasq: started, version 2.68 cachesize 150
>> dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth
>> dnsmasq: warning: no upstream servers configured
>> dnsmasq: read /share/system/etc/hosts - 282 addresses
>> dnsmasq: auth[PTR] 105.35.150.10.in-addr.arpa from 10.150.35.201
>> dnsmasq: /share/system/etc/hosts 10.150.35.105 is mds1.aus.abc.com
>>
>> Cheers,35.150.10.in-addr.arpa.
>>
>>
>>
>> _______________________________________________
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss at lists.thekelleys.org.uk
>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>>
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 
> ________________________________
> 
> 
> This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If you are not the original recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you received this email in error, please immediately notify the sender and delete the original.
> 
> 




More information about the Dnsmasq-discuss mailing list