[SOLVED] bind under ISPconfig3.1 - cannot get reverse zone working

Hi, I posted this on the linux forum, but since it is probably more related to ISPconfig, I am posting it here...

I have debian 9, ISPconfig3.1, with latest version of bind. I have a static IPv4, a domain, that my DNS server is authoritative for. I am able to create forward zones without any problem, but when I try to create reverse zone, it only creates a file with .err extension. Doesn't matter if I create signed zone or not. There are no related error messages in /var/log/syslog ...
Name of the zone is like 444.333.222.111.in-addr.arpa. , since I don't have the whole subnet. Only one IP.
The file, that ISPconfig creates looks like this:

Code:

name of the file:
pri.444.333.222.111.in-addr.arpa.err
content:
$TTL        3600
@       IN      SOA     ns1.domain.eu. info.domain.eu. (
                        2017081501       ; serial, todays date + todays serial #
                        3600              ; refresh, seconds
                        540              ; retry, seconds
                        604800              ; expire, seconds
                        3600 )            ; minimum, seconds
;
444.333.222.111.in-addr.arpa. 3600      PTR        ns1.domain.eu

just one thing is suspicious - if I try to query the PTR record using nslookup, I get

message, in the syslog
The .err extension is present immediatelly, no matter if there is or isn't any record. Could someone please help me to debug this?

 

Here is the output:

Code:

named-checkzone -d 444.333.222.111.addr.arpa pri.444.333.222.111.in-addr.arpa.err
loading "444.333.222.111.in-addr.arpa" from "pri.444.333.222.111.in-addr.arpa.err" class "IN"
zone 444.333.222.111.in-addr.arpa/IN: has no NS records
zone 444.333.222.111.in-addr.arpa/IN: not loaded due to errors.

I tried that before, but didn't manage to find out what the mentioned errors actually are...

 

Unfortunatelly, no positive effect. The haveged is up and running. I even rebooted the server, checked everything again, and recreated the zone.

Could it be somehow related to firewall, or ... something with networking... ?

 

It finally works! Thank you!

 

hello, i have problem creating forward and reverse private dns

 

};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

zone "." IN {
type hint;
file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

include "/etc/named.conf.local"; ////comment:this is where it create pri.san.local file

 

this is my <pri.san.local> config created from ispconfig 3:
$TTL 3600
@ IN SOA 172.19.0.234. sanshrestha21.gmail.com. (
2019052002 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
3600 ) ; minimum, seconds
;

san.local 3600 NS server1
san.local. 3600 TXT "v=spf1 mx a ~all"
san.local. 3600 NS 172.19.0.234.
san.local. 3600 MX 10 mail.san.local.
san.local. 3600 NS 172.19.0.234.
mail 3600 A 172.19.0.234
www 3600 A 172.19.0.234
san.local. 3600 A 172.19.0.234

 

but while creating reverse lookup , it created file <pri.0.19.172.in-addr.arpa.err >
[root@server1 named]# vim pri.0.19.172.in-addr.arpa.err

$TTL 3600
@ IN SOA 172.19.0.234. sanshrestha21.gmail.com. (
2019052003 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
3600 ) ; minimum, seconds
;

0.19.172.in-addr.arpa.err 3600 NS server1

######comment ##########
i did install haveged and started service running
i even added NS
what went wrong
while adding NS on reverser<pri.0.19.172.in-addr.arpa.err > file
on ISPConfig 3: browser on <zone tab i have enter :0.19.172.in-addr.arpa.err> i.e zone=0.19.172.in-addr.arpa.err

 

while error checking reverse dns <0.19.172.in-addr.arpa.err>
zone san.local/IN: has no NS records
zone san.local/IN: not loaded due to errors.

 

this is my forward dns , its config is ok

 

$TTL 3600
@ IN SOA 172.19.0.234. sanshrestha21.gmail.com. (
2019052005 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
3600 ) ; minimum, seconds
;

san.local 3600 NS server1
san.local. 3600 TXT "v=spf1 mx a ~all"
san.local. 3600 NS server1
san.local. 3600 MX 10 mail.san.local.
san.local. 3600 NS server1
mail 3600 A 172.19.0.234
www 3600 A 172.19.0.234
san.local. 3600 A 172.19.0.234
server1 3600 A 172.19.0.234
~
######result of forward zone config###########
[root@server1 named]# named-checkzone san.local /var/named/pri.san.local
zone san.local/IN: loaded serial 2019052005
OK

 

while in reverse dns <pri.234.0.19.172.in-addr.arpa.err> this file is created
ON ispconfig while adding NS , in zone field what to type <pri.234.0.19.172.in-addr.arpa.err> or <234.0.19.172.in-addr.arpa.err> or <234.0.19.172.in-addr.arpa> if zone filed is input without *.err it say file not found

 

on ISPconfig for reverse dns when zone field was input with 234.0.19.172.in-addr.arpa\
[root@server1 named]# named-checkzone 234.19.0.172.in-addr.arpa /var/named/pri.234.0.19.172.in-addr.arpa.err
/var/named/pri.234.0.19.172.in-addr.arpa.err:10: ignoring out-of-zone data (234.0.19.172.in-addr.arpa)
/var/named/pri.234.0.19.172.in-addr.arpa.err:11: ignoring out-of-zone data (234.0.19.172.in-addr.arpa)
zone 234.19.0.172.in-addr.arpa/IN: has no NS records
zone 234.19.0.172.in-addr.arpa/IN: not loaded due to errors.

 

now my question is if zone field is filled with 234.0.19.172.in-addr.arpa.err how possible it is to be a right reverse DNS config file
where am I doing wrong, guide me

 

yes i went through your page
now i created forward dns there is no issues but while dig its not working