dns error ** server can't find 15.1.168.192.in-addr.arpa.: NXDOMAIN centos 7

josesalazmit
Posts: 4
Joined: 2019/01/16 17:14:21

dns error ** server can't find 15.1.168.192.in-addr.arpa.: NXDOMAIN centos 7

Post by josesalazmit » 2019/01/16 19:46:47

Hello
I have implemented DNS using CentOS 7 in a network with subnet 192.168.1.0/24.
In fact, I used Webmin to configure the DNS, but when I use the command nslookup 192.168.1.15 (this is the DNS IP), I get the message:
** server can't find 15.1.168.192.in-addr.arpa.: NXDOMAIN

When I used the same command with nslookup www.google.ca I get:
** server can't find www.google.ca: NXDOMAIN

The server is installed behind a pfSense firewall, but I opened port 53 for UDP and TCP.
The scheme is:
Firewall with 192.168.1.1----switch----router cisco with interval 192.168.1.5 and the same switch the dns with 192.168.1.15

I run tail -f and I get this error (I am not using IPv6 in my network):
Jan 16 13:36:10 dnslinux named[17337]: network unreachable resolving 'www.google.ca/A/IN': 2001:7fd::1#53
Jan 16 13:36:12 dnslinux named[17337]: network unreachable resolving 'www.google.ca/A/IN': 2001:500:12::d0d#53

Jan 16 15:38:10 dnslinux named[17337]: network unreachable resolving '1.centos.pool.ntp.org/AAAA/IN': 2001:7fd::1#53
Jan 16 15:38:10 dnslinux named[17337]: network unreachable resolving '1.centos.pool.ntp.org/AAAA/IN': 2001:500:2d::d#53


My configuration is:

Named.conf file
//
// named.conf

options {
listen-on port 53 { 127.0.0.1; 192.168.1.15; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { localhost; 192.168.1.0/24; };
recursion yes;

dnssec-enable yes;
dnssec-validation yes;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";

pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

zone "." IN {
type hint;
file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

zone "mobile.com" {
type master;
file "/var/named/mobile.com.hosts";
allow-transfer {
10.0.1.220;
};
allow-query {
any;
};
};
Mobile.com.hosts
$ttl 38400
mobile.com. IN SOA dnslinux.mobile.com. josesalazmit.gmail.com. (
604803
60
3600
604800
38400 )
mobile.com. IN NS dnslinux.mobile.com.
dnslinux.mobile.com. IN A 192.168.1.15
dnslinux.mobile.com. IN NS dnslinux.mobile.com.

resolv.conf
# Generated by NetworkManager
search mobile.com
nameserver 192.168.1.15


nic settings

TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="no"
IPV6_AUTOCONF="no"
IPV6_DEFROUTE="no"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp0s3"
UUID="e20340d0-e975-4b9a-9ebf-f5a0e7f0bafa"
DEVICE="enp0s3"
ONBOOT="yes"
IPADDR="192.168.1.15"
PREFIX="24"
GATEWAY="192.168.1.5"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
IPV6_PRIVACY="no"
~

I will appreciate any suggestion

Regards,

Jose

josesalazmit

Re: dns error ** server can't find 15.1.168.192.in-addr.arpa.: NXDOMAIN centos 7

Post by josesalazmit » 2019/01/16 20:46:47

Hello
I would like to add more information.
I resolved the issue with IPv6 by disabling IPv6 in the named file,
and I am also able to resolve the www.google.ca domain when I added the forwarding external DNS, but I am still unable to resolve internal IPs, even my own IP.

The new status is:

[root@dnslinux sysconfig]# nslookup www.google.ca
Server: 192.168.1.15
Address: 192.168.1.15#53

Non-authoritative answer:
Name: www.google.ca
Address: 172.217.13.99


but
[root@dnslinux sysconfig]# nslookup 192.168.1.15
Server: 192.168.1.15
Address: 192.168.1.15#53

** server can't find 15.1.168.192.in-addr.arpa.: NXDOMAIN


I appreciate any help. The config file is attached in the original question.

:)

TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: dns error ** server can't find 15.1.168.192.in-addr.arpa.: NXDOMAIN centos 7

Post by TrevorH » 2019/01/16 20:50:53

You haven't set up and populated your reverse zone entries. What you have allows you to turn names into ip addresses but you also need to have another zone that resolves ip addresses back to names.

josesalazmit

Re: dns error ** server can't find 15.1.168.192.in-addr.arpa.: NXDOMAIN centos 7

Post by josesalazmit » 2019/01/18 15:23:04

Thanks for the information; however, I created a reverse zone but it is still the same issue. Please, could you take a look at my current files:


I created a reverse zone for subnets 172.x.x.x and 192.x.x.x

zone "mobile.com" {
type master;
file "/var/named/mobile.com.hosts";
allow-transfer {
10.0.1.220;
};
allow-query { 172.16.10.0/24; 192.168.1.0/24;
any;
};
};
zone "192.168.1.in-addr.arpa" {
type master;
file "/var/named/1.168.192.rev";
};
zone "172.16.10.in-addr.arpa" {
type master;
file "/var/named/10.16.172.rev";
};
**************************************************


the file /var/named/1.168.192.rev is:
$ttl 38400
192.168.1.in-addr.arpa. IN SOA dnslinux.mobile.com. root.mobile.com (
1547680207
60
3600
604800
38400 )
192.168.1.in-addr.arpa. IN NS dnslinux.mobile.com.

************************************

the second file is:
$ttl 38400
172.16.10.in-addr.arpa. IN SOA dnslinux.mobile.com. root.mobile.com (
1547680985
60
3600
604800
38400 )
172.16.10.in-addr.arpa. IN NS dnslinux.mobile.com.


**********
I can resolve external domain


[root@dnslinux etc]# nslookup www.google.ca
Server: 192.168.1.15
Address: 192.168.1.15#53

Non-authoritative answer:
Name: www.google.ca
Address: 172.217.13.99
*****************

but no internal IP even my own IP
[root@dnslinux etc]# nslookup 192.168.1.15
Server: 192.168.1.15
Address: 192.168.1.15#53

** server can't find 15.1.168.192.in-addr.arpa.: NXDOMAIN



I will appreciate any suggestion

Thanks
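
Added example (not part of any post in this thread): a Python check of the configuration quoted above. nslookup asks for the PTR name 15.1.168.192.in-addr.arpa, which BIND can only answer from a declared zone whose name is a suffix of that name (network octets reversed) and which holds a PTR record for the host. The function names and embedded sample are constructed from the files posted above; the zone-file parsing is simplified and assumes every record line starts with its owner name.

```python
import ipaddress
import re

# Constructed input: zone declarations and the reverse zone file as posted above.
NAMED_CONF = '''
zone "mobile.com" { type master; file "/var/named/mobile.com.hosts"; };
zone "192.168.1.in-addr.arpa" { type master; file "/var/named/1.168.192.rev"; };
zone "172.16.10.in-addr.arpa" { type master; file "/var/named/10.16.172.rev"; };
'''
REV_FILE = '''$ttl 38400
192.168.1.in-addr.arpa. IN SOA dnslinux.mobile.com. root.mobile.com ( 1547680207 60 3600 604800 38400 )
192.168.1.in-addr.arpa. IN NS dnslinux.mobile.com.
'''

def zone_names(conf):
    """Zone names declared in a named.conf fragment, lower-cased, no trailing dot."""
    return [z.lower().rstrip(".") for z in re.findall(r'zone\s+"([^"]+)"', conf)]

def expected_reverse_zone(network):
    """in-addr.arpa zone for an IPv4 /8, /16 or /24: the network octets reversed."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only octet-aligned IPv4 networks are handled")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def covering_zone(ip, zones):
    """Most specific declared zone that contains the PTR name of ip, else None."""
    ptr = ipaddress.ip_address(ip).reverse_pointer
    hits = [z for z in zones if ptr == z or ptr.endswith("." + z)]
    return max(hits, key=len, default=None)

def ptr_owners(zone_text, origin):
    """Owner names of PTR records; relative owners are completed with origin."""
    owners = []
    for line in zone_text.splitlines():
        f = line.split(";", 1)[0].lower().split()
        if len(f) >= 3 and "ptr" in f[1:]:
            owners.append(f[0].rstrip(".") if f[0].endswith(".") else f"{f[0]}.{origin}")
    return owners

def diagnose(ip, network, conf, zone_text):
    """Findings that explain an NXDOMAIN for the reverse lookup of ip."""
    want, ptr = expected_reverse_zone(network), ipaddress.ip_address(ip).reverse_pointer
    findings = []
    if covering_zone(ip, zone_names(conf)) is None:
        findings.append(f"no declared zone contains {ptr}; expected zone {want}")
    if ptr not in ptr_owners(zone_text, want):
        findings.append(f"no PTR record for {ptr}")
    return findings
```

Calling diagnose("192.168.1.15", "192.168.1.0/24", NAMED_CONF, REV_FILE) returns both findings for the posted files; after editing the real files, named-checkconf and named-checkzone validate the syntax before named is reloaded.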
