Reverse zone reformatting after nsupdate execution

Ondřej Surý ondrej at isc.org
Wed Jan 27 13:23:36 UTC 2021 

Greg,

there’s nothing wrong with the zone contents. $ORIGIN means “now append this to every name not ending with dot”.

Ondřej
--
Ondřej Surý — ISC (He/Him)

> On 27. 1. 2021, at 14:06, Greg Donohoe <dubgregd at gmail.com> wrote:
> 
> 
> Hello. I am hoping that someone can help me to figure out the cause of an issue I am seeing when running nsupdate on my BIND9 server.
> Below you will find all the the details as to how my server is configured and also the nsupdate commands that I am running.
> 
> The issue I am seeing is that I have configured a /16 10.10.in-addr.arpa reverse zone, however when I execute nsupdate the 10.10.in-addr.arpa.dns zone file re formats the $ORIGIN to a /24 156.10.10.in-addr.arpa.
> This appears to be an issue with nsupdate rather than BIND itself as I can manually amend the 10.10.in-addr.arpa.dns zone file whcih always remains in a /16 format.
> 
> Please see below for details and if you need any further information please let me know.
> 
> ###############################
> named.conf
> ###############################
> greg at hp-linux:/etc/bind$ cat named.conf
> ##  OPTIONS
> options {
> directory "/var/cache/bind";
> 
>         recursion no;
> listen-on port 53 { any; };
> allow-query  { any; };
> allow-update { any; };
> 
> forwarders {
> 10.10.8.120;
> 10.196.207.11;
> };
> 
> dnssec-validation auto;
> 
> auth-nxdomain no;    # conform to RFC1035
> listen-on-v6 { any; };
> };
> 
> 
> ## ZONES
> # Zone statement for forward DNS lookups
> zone "example.com" IN {
>     type master;
>     file "/etc/bind/master/example.com.dns";
>     allow-update { any; };
> };
> zone "10.10.in-addr.arpa"  IN  {
>     type master;
>     file "/etc/bind/master/10.10.in-addr.arpa.dns";
>     allow-update { any; };
> };
> 
> ###################################################
> The batch.txt file I use to run nsupdate
> ###################################################
> server 127.0.0.1
> zone example.com
> update add test.example.com 86400 IN A 10.10.156.37
> send
> server 127.0.0.1
> zone 10.10.in-addr.arpa.
> update add 37.156.10.10.in-addr.arpa. 86400 IN PTR test.example.com
> send
> server 127.0.0.1
> zone example.com
> update add test1.example.com 86400 IN A 10.10.156.38
> send
> server 127.0.0.1
> zone 10.10.in-addr.arpa.
> update add 38.156.10.10.in-addr.arpa. 86400 IN PTR test1.example.com
> send
> 
> ######################################################
> nsupdate debug output
> ######################################################
> greg at hp-linux:/etc/bind/master$ nsupdate -D -v batch1.txt
> setup_system()
> reset_system()
> user_interaction()
> do_next_command()
> do_next_command()
> do_next_command()
> evaluate_update()
> update_addordelete()
> do_next_command()
> start_update()
> send_update()
> Sending update to 127.0.0.1#53
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  15755
> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;example.com. IN SOA
> 
> ;; UPDATE SECTION:
> test.example.com. 86400 IN A 10.10.156.37
> 
> update_completed()
> show_message()
> 
> Reply from update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  15755
> ;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;example.com. IN SOA
> 
> done_update()
> reset_system()
> user_interaction()
> do_next_command()
> do_next_command()
> do_next_command()
> evaluate_update()
> update_addordelete()
> do_next_command()
> start_update()
> send_update()
> Sending update to 127.0.0.1#53
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  38067
> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;10.10.in-addr.arpa. IN SOA
> 
> ;; UPDATE SECTION:
> 37.156.10.10.in-addr.arpa. 86400 IN PTR test.example.com.
> 
> update_completed()
> show_message()
> 
> Reply from update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  38067
> ;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;10.10.in-addr.arpa. IN SOA
> 
> done_update()
> reset_system()
> user_interaction()
> do_next_command()
> do_next_command()
> do_next_command()
> evaluate_update()
> update_addordelete()
> do_next_command()
> start_update()
> send_update()
> Sending update to 127.0.0.1#53
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  22045
> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;example.com. IN SOA
> 
> ;; UPDATE SECTION:
> test1.example.com. 86400 IN A 10.10.156.38
> 
> update_completed()
> show_message()
> 
> Reply from update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  22045
> ;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;example.com. IN SOA
> 
> done_update()
> reset_system()
> user_interaction()
> do_next_command()
> do_next_command()
> do_next_command()
> evaluate_update()
> update_addordelete()
> do_next_command()
> start_update()
> send_update()
> Sending update to 127.0.0.1#53
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:   7571
> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;10.10.in-addr.arpa. IN SOA
> 
> ;; UPDATE SECTION:
> 38.156.10.10.in-addr.arpa. 86400 IN PTR test1.example.com.
> 
> update_completed()
> show_message()
> 
> Reply from update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:   7571
> ;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;10.10.in-addr.arpa. IN SOA
> 
> done_update()
> reset_system()
> user_interaction()
> cleanup()
> Shutting down task manager
> shutdown_program()
> Shutting down request manager
> Destroy DST lib
> Destroying request manager
> Freeing the dispatchers
> Shutting down dispatch manager
> Destroying event
> Shutting down socket manager
> Shutting down timer manager
> Removing log context
> Destroying memory context
> greg at hp-linux:/etc/bind/master$ systemctl restart named.service
> 
> ######################################################
> Forward zone file after the nsupdate
> ######################################################
> greg at hp-linux:/etc/bind/master$ cat example.com.dns
> $ORIGIN .
> $TTL 3600 ; 1 hour
> example.com IN SOA ns1.example.com. admin\.example.com. (
> 2          ; serial
> 900        ; refresh (15 minutes)
> 600        ; retry (10 minutes)
> 1209600    ; expire (2 weeks)
> 3600       ; minimum (1 hour)
> )
> NS ns1.example.com.
> $ORIGIN example.com.
> ns1 A 192.168.0.15
> $TTL 86400 ; 1 day
> test A 10.10.156.37
> test1 A 10.10.156.38
> 
> ########################################################
> Reverse zone file after the update
> ########################################################
> greg at hp-linux:/etc/bind/master$ cat 10.10.in-addr.arpa.dns
> $ORIGIN .
> $TTL 3600 ; 1 hour
> 10.10.in-addr.arpa IN SOA ns1.example.com. admin\.example.com. (
> 2          ; serial
> 3600       ; refresh (1 hour)
> 600        ; retry (10 minutes)
> 1209600    ; expire (2 weeks)
> 3600       ; minimum (1 hour)
> )
> NS ns1.example.com.
> $ORIGIN 156.10.10.in-addr.arpa.
> $TTL 86400 ; 1 day
> 37 PTR test.example.com.
> 38 PTR test1.example.com.
> 
> If any additional info is required please let me know and I will send it asap.
> 
> Look for to your response.
> 
> Rgds,
> Greg Donohoe.
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210127/591d86ca/attachment-0001.htm>

More information about the bind-users mailing list