Sorry about the top posting, useless MS webmail. The reason I need the authoritative dns is because I'm in a regional office of a big company. It's a requirement that we provide an authoritative server for our local machines so they can be accessed from anywhere within the company WAN.
When I run the host and dig commands I'm specifying a dns to use, so there's no other dns involved, plus I've disabled resolve.conf and there are no other dns's defined. Dig seems to work but host doesn't. When I strace the dnsmasq server I can see it sending the hostname but it just doesn't register with host as a successful lookup. host works fine in non-authoritative mode and from my other dnsmasq servers - non authoritative. Does the format of the return message from dnsmasq change with the different modes? ________________________________________ From: Simon Kelley [si...@thekelleys.org.uk] Sent: Wednesday, March 12, 2014 5:45 AM To: Franco Broi; dnsmasq-discuss@lists.thekelleys.org.uk Subject: Re: [Dnsmasq-discuss] Reverse lookups not working in authoritative mode On 12/03/14 10:27, Franco Broi wrote: > Not sure what you mean but dig -x works so maybe host doesn't understand the > output of dnsmaq? > It's quite possible that dig is sending the query to dnsmasq directly, whilst dig is sending it to the recursive servers at your ISP, which are seeing the "global" view of the DNS, and not the local records. Since you're using authoritative mode, I assume you want these records to appear for everyone, everywhere. To do that for the reverse lookups, you need to have whoever owns the IP space you're using install a record 35.150.10.in-addr.arpa. NS perth1.aus.abc.com so that resolvers out on the internet know where to send the query. BUT 10.150.32.0 is an RFC1918 reserved address, so there's no point in putting records containing that address in the global internet. Why are you using authoritative mode at all? Cheers, Simon. > On 12 Mar 2014 18:11, Simon Kelley <si...@thekelleys.org.uk> wrote: > Have you delegated 35.150.10.in-addr.arpa. to the machine running dnsmasq? > > Simon. > > > > On 12/03/14 03:39, Franco Broi wrote: >> Hi >> >> I just configured my dnsmasq server to be authoritative but now reverse >> lookups don't work. With debug turned on I can see that the address is >> resolved and with strace I can even see the resolved hostname being sent >> in sendmsg but the machine doing the query says not found: 3(NXDOMAIN). >> If I remove the auth-server option it works as expected. >> >> My configuration is minimal: >> >> domain=aus.abc.com >> auth-server=perth1.aus.abc.com,eth0 >> auth-zone=aus.abc.com,10.150.32.0/20 >> >> [franco@tc1 ~]$ host 10.150.35.105 perth1 >> Using domain server: >> Name: perth1 >> Address: 10.150.35.111#53 >> Aliases: >> >> Host 105.35.150.10.in-addr.arpa. not found: 3(NXDOMAIN) >> >> >> [root@perth1 src]# dnsmasq -d -q >> dnsmasq: started, version 2.68 cachesize 150 >> dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP >> DHCPv6 no-Lua TFTP no-conntrack ipset auth >> dnsmasq: warning: no upstream servers configured >> dnsmasq: read /share/system/etc/hosts - 282 addresses >> dnsmasq: auth[PTR] 105.35.150.10.in-addr.arpa from 10.150.35.201 >> dnsmasq: /share/system/etc/hosts 10.150.35.105 is mds1.aus.abc.com >> >> Cheers,35.150.10.in-addr.arpa. >> >> >> >> _______________________________________________ >> Dnsmasq-discuss mailing list >> Dnsmasq-discuss@lists.thekelleys.org.uk >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >> > > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > > ________________________________ > > > This email and any files transmitted with it are confidential and are > intended solely for the use of the individual or entity to whom they are > addressed. If you are not the original recipient or the person responsible > for delivering the email to the intended recipient, be advised that you have > received this email in error, and that any use, dissemination, forwarding, > printing, or copying of this email is strictly prohibited. If you received > this email in error, please immediately notify the sender and delete the > original. > > ________________________________ This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If you are not the original recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you received this email in error, please immediately notify the sender and delete the original. _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss