You might want to change `masterfile-style` configuration option: https://bind9.readthedocs.io/en/latest/reference.html?highlight=masterfile-style#tuning
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
> On 27. 1. 2021, at 14:23, Ondřej Surý <ond...@isc.org> wrote:
>
> Greg,
>
> there’s nothing wrong with the zone contents. $ORIGIN means “now append this
> to every name not ending with dot”.
>
> Ondřej
> --
> Ondřej Surý — ISC (He/Him)
>
>> On 27. 1. 2021, at 14:06, Greg Donohoe <dubgr...@gmail.com> wrote:
>>
>>
>> Hello. I am hoping that someone can help me to figure out the cause of an
>> issue I am seeing when running nsupdate on my BIND9 server.
>> Below you will find all the the details as to how my server is configured
>> and also the nsupdate commands that I am running.
>>
>> The issue I am seeing is that I have configured a /16 10.10.in-addr.arpa
>> reverse zone, however when I execute nsupdate the 10.10.in-addr.arpa.dns
>> zone file re formats the $ORIGIN to a /24 156.10.10.in-addr.arpa.
>> This appears to be an issue with nsupdate rather than BIND itself as I can
>> manually amend the 10.10.in-addr.arpa.dns zone file whcih always remains in
>> a /16 format.
>>
>> Please see below for details and if you need any further information please
>> let me know.
>>
>> ###############################
>> named.conf
>> ###############################
>> greg@hp-linux:/etc/bind$ cat named.conf
>> ## OPTIONS
>> options {
>> directory "/var/cache/bind";
>>
>> recursion no;
>> listen-on port 53 { any; };
>> allow-query { any; };
>> allow-update { any; };
>>
>> forwarders {
>> 10.10.8.120;
>> 10.196.207.11;
>> };
>>
>> dnssec-validation auto;
>>
>> auth-nxdomain no; # conform to RFC1035
>> listen-on-v6 { any; };
>> };
>>
>>
>> ## ZONES
>> # Zone statement for forward DNS lookups
>> zone "example.com" IN {
>> type master;
>> file "/etc/bind/master/example.com.dns";
>> allow-update { any; };
>> };
>> zone "10.10.in-addr.arpa" IN {
>> type master;
>> file "/etc/bind/master/10.10.in-addr.arpa.dns";
>> allow-update { any; };
>> };
>>
>> ###################################################
>> The batch.txt file I use to run nsupdate
>> ###################################################
>> server 127.0.0.1
>> zone example.com
>> update add test.example.com 86400 IN A 10.10.156.37
>> send
>> server 127.0.0.1
>> zone 10.10.in-addr.arpa.
>> update add 37.156.10.10.in-addr.arpa. 86400 IN PTR test.example.com
>> send
>> server 127.0.0.1
>> zone example.com
>> update add test1.example.com 86400 IN A 10.10.156.38
>> send
>> server 127.0.0.1
>> zone 10.10.in-addr.arpa.
>> update add 38.156.10.10.in-addr.arpa. 86400 IN PTR test1.example.com
>> send
>>
>> ######################################################
>> nsupdate debug output
>> ######################################################
>> greg@hp-linux:/etc/bind/master$ nsupdate -D -v batch1.txt
>> setup_system()
>> reset_system()
>> user_interaction()
>> do_next_command()
>> do_next_command()
>> do_next_command()
>> evaluate_update()
>> update_addordelete()
>> do_next_command()
>> start_update()
>> send_update()
>> Sending update to 127.0.0.1#53
>> show_message()
>> Outgoing update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 15755
>> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;example.com. IN SOA
>>
>> ;; UPDATE SECTION:
>> test.example.com. 86400 IN A 10.10.156.37
>>
>> update_completed()
>> show_message()
>>
>> Reply from update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 15755
>> ;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;example.com. IN SOA
>>
>> done_update()
>> reset_system()
>> user_interaction()
>> do_next_command()
>> do_next_command()
>> do_next_command()
>> evaluate_update()
>> update_addordelete()
>> do_next_command()
>> start_update()
>> send_update()
>> Sending update to 127.0.0.1#53
>> show_message()
>> Outgoing update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 38067
>> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;10.10.in-addr.arpa. IN SOA
>>
>> ;; UPDATE SECTION:
>> 37.156.10.10.in-addr.arpa. 86400 IN PTR test.example.com.
>>
>> update_completed()
>> show_message()
>>
>> Reply from update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 38067
>> ;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;10.10.in-addr.arpa. IN SOA
>>
>> done_update()
>> reset_system()
>> user_interaction()
>> do_next_command()
>> do_next_command()
>> do_next_command()
>> evaluate_update()
>> update_addordelete()
>> do_next_command()
>> start_update()
>> send_update()
>> Sending update to 127.0.0.1#53
>> show_message()
>> Outgoing update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 22045
>> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;example.com. IN SOA
>>
>> ;; UPDATE SECTION:
>> test1.example.com. 86400 IN A 10.10.156.38
>>
>> update_completed()
>> show_message()
>>
>> Reply from update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 22045
>> ;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;example.com. IN SOA
>>
>> done_update()
>> reset_system()
>> user_interaction()
>> do_next_command()
>> do_next_command()
>> do_next_command()
>> evaluate_update()
>> update_addordelete()
>> do_next_command()
>> start_update()
>> send_update()
>> Sending update to 127.0.0.1#53
>> show_message()
>> Outgoing update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 7571
>> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;10.10.in-addr.arpa. IN SOA
>>
>> ;; UPDATE SECTION:
>> 38.156.10.10.in-addr.arpa. 86400 IN PTR test1.example.com.
>>
>> update_completed()
>> show_message()
>>
>> Reply from update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 7571
>> ;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;10.10.in-addr.arpa. IN SOA
>>
>> done_update()
>> reset_system()
>> user_interaction()
>> cleanup()
>> Shutting down task manager
>> shutdown_program()
>> Shutting down request manager
>> Destroy DST lib
>> Destroying request manager
>> Freeing the dispatchers
>> Shutting down dispatch manager
>> Destroying event
>> Shutting down socket manager
>> Shutting down timer manager
>> Removing log context
>> Destroying memory context
>> greg@hp-linux:/etc/bind/master$ systemctl restart named.service
>>
>> ######################################################
>> Forward zone file after the nsupdate
>> ######################################################
>> greg@hp-linux:/etc/bind/master$ cat example.com.dns
>> $ORIGIN .
>> $TTL 3600 ; 1 hour
>> example.com IN SOA ns1.example.com. admin\.example.com. (
>> 2 ; serial
>> 900 ; refresh (15 minutes)
>> 600 ; retry (10 minutes)
>> 1209600 ; expire (2 weeks)
>> 3600 ; minimum (1 hour)
>> )
>> NS ns1.example.com.
>> $ORIGIN example.com.
>> ns1 A 192.168.0.15
>> $TTL 86400 ; 1 day
>> test A 10.10.156.37
>> test1 A 10.10.156.38
>>
>> ########################################################
>> Reverse zone file after the update
>> ########################################################
>> greg@hp-linux:/etc/bind/master$ cat 10.10.in-addr.arpa.dns
>> $ORIGIN .
>> $TTL 3600 ; 1 hour
>> 10.10.in-addr.arpa IN SOA ns1.example.com. admin\.example.com. (
>> 2 ; serial
>> 3600 ; refresh (1 hour)
>> 600 ; retry (10 minutes)
>> 1209600 ; expire (2 weeks)
>> 3600 ; minimum (1 hour)
>> )
>> NS ns1.example.com.
>> $ORIGIN 156.10.10.in-addr.arpa.
>> $TTL 86400 ; 1 day
>> 37 PTR test.example.com.
>> 38 PTR test1.example.com.
>>
>> If any additional info is required please let me know and I will send it
>> asap.
>>
>> Look for to your response.
>>
>> Rgds,
>> Greg Donohoe.
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> ISC funds the development of this software with paid support subscriptions.
>> Contact us at https://www.isc.org/contact/ for more information.
>>
>>
>> bind-users mailing list
>> bind-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
