On 04.03, Harry Putnam wrote:
>
> db.192.168.1
> ============ 8< snip =================
> $TTL 1D
> @ IN SOA reader.local.lan. reader.reader.local.lan. (
>         200405190 ; serial
>         28800 ; refresh (8 hours)
>         14400 ; retry (4 hours)
>         2419200 ; expire (4 weeks)
>         86400 ; minimum (1 day)
>         )
> ;
> ; Name servers (The name '@' is implied)
> ;
>         IN NS reader
> ;
> ; Addresses point to canonical names
> ;
>
> 192.168.1.2 IN PTR rdmz.local.lan.
> 192.168.1.1 IN PTR fwdmz.local.lan.
>
> ====== 8< snip ===========================

I just went through this myself, having a few false tries before getting it right. From this experience, here's my understanding of how zone files work:

- The general syntax for lines in the zone files:

    <key> <ttl> <class> <type> <value>

- You may leave out one or more of these fields, which means they inherit the value that field had in the previous line.

- You may use parentheses to break long entries into several lines. This is mostly done for the SOA line, but should work for other lines as well.

- The ';' character means the rest of the line is a comment.

- You may use the special value '@' to mean the origin, which initially is the value from the 'zone' entry in the named.conf file, with a '.' appended. An $ORIGIN entry redefines the origin for subsequent entries in the file. You may put in several $ORIGIN entries.

- A $TTL entry sets the default value of the 'ttl' field from that line on.

- Where names are used -- e.g. the 'key' field of an 'IN A' entry, or the 'value' field of an 'IN PTR' entry -- you may specify the full name by ending it with a '.'. Names with no '.' at the end have the origin appended.

Now, if you look at your 'IN NS' line (which specifies the authoritative name server for your reverse domain), it translates into:

    <key>                   <ttl> <class> <type> <value>
    1.168.192.in-addr.arpa. 1D    IN      NS     reader.1.168.192.in-addr.arpa.

Which is not what you want. Instead, try the following line:

    IN NS reader.local.lan.

In addition, 'reader' should have an 'IN A' entry in the 'local.lan' zone file.

The 'dig' command from 'bind-tools' comes in handy when debugging bind setups. Some handy commands:

    dig reader.local.lan
    dig local.lan any
    dig local.lan axfr
    dig -x 192.168.1 axfr
    dig -x 192.168.1 any

Given like this, 'dig' contacts the name servers from '/etc/resolv.conf'. You may also append '@name-server-name' to a 'dig' command in order to specify directly which name server to contact.

--
Jo.
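The expansion rules listed in the reply, applied mechanically to the quoted 'IN NS' line and to the suggested replacement. This is an added example, not part of the original message or of BIND; the function names are hypothetical, the origin argument stands in for the zone name from named.conf, and an explicit TTL is treated as applying to its own record only.

```python
import re

NAME_VALUED = {"NS", "PTR", "CNAME"}  # types whose value is a domain name
TTL_RE = re.compile(r"(\d+[smhdw]?)+", re.IGNORECASE)

def qualify(name, origin):
    """'@' means the origin; a name without a trailing '.' gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def expand_zone(text, origin):
    """Return (key, ttl, class, type, value) tuples with all names fully qualified."""
    records, owner, default_ttl, klass = [], origin, None, "IN"
    text = re.sub(r";[^\n]*", "", text)  # strip comments (quoted strings not handled)
    # Join parenthesised multi-line entries, such as the SOA, onto one line.
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "$ORIGIN":
            origin = qualify(fields[1], origin)
            continue
        if fields[0] == "$TTL":
            default_ttl = fields[1]
            continue
        if not line[0].isspace():  # key present; otherwise inherit the previous one
            owner = qualify(fields.pop(0), origin)
        ttl = fields.pop(0) if TTL_RE.fullmatch(fields[0]) else default_ttl
        if fields[0].upper() in {"IN", "CH", "HS"}:
            klass = fields.pop(0).upper()
        rtype, value = fields[0].upper(), " ".join(fields[1:])
        if rtype in NAME_VALUED:
            value = qualify(value, origin)
        records.append((owner, ttl, klass, rtype, value))
    return records

# Constructed sample: the quoted reverse zone's SOA and NS line, plus the suggested fix.
SAMPLE = """$TTL 1D
@   IN SOA reader.local.lan. reader.reader.local.lan. (
        200405190 ; serial
        28800 14400 2419200 86400 )
    IN NS reader
    IN NS reader.local.lan.
"""

if __name__ == "__main__":
    for rec in expand_zone(SAMPLE, "1.168.192.in-addr.arpa."):
        print(*rec)
```

Running it prints one fully qualified record per line, so a relative name that picked up the reverse-zone origin is visible before the zone is loaded.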

