Reverse zone reformatting after nsupdate execution

Greg Donohoe dubgregd at gmail.com
Wed Jan 27 13:06:12 UTC 2021 

Hello. I am hoping that someone can help me to figure out the cause of an
issue I am seeing when running nsupdate on my BIND9 server.
Below you will find all the the details as to how my server is configured
and also the nsupdate commands that I am running.

The issue I am seeing is that I have configured a /16 10.10.in-addr.arpa
reverse zone, however when I execute nsupdate the 10.10.in-addr.arpa.dns
zone file re formats the $ORIGIN to a /24 156.10.10.in-addr.arpa.
This appears to be an issue with nsupdate rather than BIND itself as I can
manually amend the 10.10.in-addr.arpa.dns zone file whcih always remains in
a /16 format.

Please see below for details and if you need any further information please
let me know.

###############################
named.conf
###############################
greg at hp-linux:/etc/bind$ cat named.conf
##  OPTIONS
options {
directory "/var/cache/bind";

        recursion no;
listen-on port 53 { any; };
allow-query  { any; };
allow-update { any; };

forwarders {
10.10.8.120;
10.196.207.11;
};

dnssec-validation auto;

auth-nxdomain no;    # conform to RFC1035
listen-on-v6 { any; };
};


## ZONES
# Zone statement for forward DNS lookups
zone "example.com" IN {
    type master;
    file "/etc/bind/master/example.com.dns";
    allow-update { any; };
};
zone "10.10.in-addr.arpa"  IN  {
    type master;
    file "/etc/bind/master/10.10.in-addr.arpa.dns";
    allow-update { any; };
};

###################################################
The batch.txt file I use to run nsupdate
###################################################
server 127.0.0.1
zone example.com
update add test.example.com 86400 IN A 10.10.156.37
send
server 127.0.0.1
zone 10.10.in-addr.arpa.
update add 37.156.10.10.in-addr.arpa. 86400 IN PTR test.example.com
send
server 127.0.0.1
zone example.com
update add test1.example.com 86400 IN A 10.10.156.38
send
server 127.0.0.1
zone 10.10.in-addr.arpa.
update add 38.156.10.10.in-addr.arpa. 86400 IN PTR test1.example.com
send

######################################################
nsupdate debug output
######################################################
greg at hp-linux:/etc/bind/master$ nsupdate -D -v batch1.txt
setup_system()
reset_system()
user_interaction()
do_next_command()
do_next_command()
do_next_command()
evaluate_update()
update_addordelete()
do_next_command()
start_update()
send_update()
Sending update to 127.0.0.1#53
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  15755
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
;; ZONE SECTION:
;example.com. IN SOA

;; UPDATE SECTION:
test.example.com. 86400 IN A 10.10.156.37

update_completed()
show_message()

Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  15755
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; ZONE SECTION:
;example.com. IN SOA

done_update()
reset_system()
user_interaction()
do_next_command()
do_next_command()
do_next_command()
evaluate_update()
update_addordelete()
do_next_command()
start_update()
send_update()
Sending update to 127.0.0.1#53
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  38067
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
;; ZONE SECTION:
;10.10.in-addr.arpa. IN SOA

;; UPDATE SECTION:
37.156.10.10.in-addr.arpa. 86400 IN PTR test.example.com.

update_completed()
show_message()

Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  38067
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; ZONE SECTION:
;10.10.in-addr.arpa. IN SOA

done_update()
reset_system()
user_interaction()
do_next_command()
do_next_command()
do_next_command()
evaluate_update()
update_addordelete()
do_next_command()
start_update()
send_update()
Sending update to 127.0.0.1#53
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  22045
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
;; ZONE SECTION:
;example.com. IN SOA

;; UPDATE SECTION:
test1.example.com. 86400 IN A 10.10.156.38

update_completed()
show_message()

Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  22045
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; ZONE SECTION:
;example.com. IN SOA

done_update()
reset_system()
user_interaction()
do_next_command()
do_next_command()
do_next_command()
evaluate_update()
update_addordelete()
do_next_command()
start_update()
send_update()
Sending update to 127.0.0.1#53
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:   7571
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
;; ZONE SECTION:
;10.10.in-addr.arpa. IN SOA

;; UPDATE SECTION:
38.156.10.10.in-addr.arpa. 86400 IN PTR test1.example.com.

update_completed()
show_message()

Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:   7571
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; ZONE SECTION:
;10.10.in-addr.arpa. IN SOA

done_update()
reset_system()
user_interaction()
cleanup()
Shutting down task manager
shutdown_program()
Shutting down request manager
Destroy DST lib
Destroying request manager
Freeing the dispatchers
Shutting down dispatch manager
Destroying event
Shutting down socket manager
Shutting down timer manager
Removing log context
Destroying memory context
greg at hp-linux:/etc/bind/master$ systemctl restart named.service

######################################################
Forward zone file after the nsupdate
######################################################
greg at hp-linux:/etc/bind/master$ cat example.com.dns
$ORIGIN .
$TTL 3600 ; 1 hour
example.com IN SOA ns1.example.com. admin\.example.com. (
2          ; serial
900        ; refresh (15 minutes)
600        ; retry (10 minutes)
1209600    ; expire (2 weeks)
3600       ; minimum (1 hour)
)
NS ns1.example.com.
$ORIGIN example.com.
ns1 A 192.168.0.15
$TTL 86400 ; 1 day
test A 10.10.156.37
test1 A 10.10.156.38

########################################################
Reverse zone file after the update
########################################################
greg at hp-linux:/etc/bind/master$ cat 10.10.in-addr.arpa.dns
$ORIGIN .
$TTL 3600 ; 1 hour
10.10.in-addr.arpa IN SOA ns1.example.com. admin\.example.com. (
2          ; serial
3600       ; refresh (1 hour)
600        ; retry (10 minutes)
1209600    ; expire (2 weeks)
3600       ; minimum (1 hour)
)
NS ns1.example.com.
$ORIGIN 156.10.10.in-addr.arpa.
$TTL 86400 ; 1 day
37 PTR test.example.com.
38 PTR test1.example.com.

If any additional info is required please let me know and I will send it
asap.

Look for to your response.

Rgds,
Greg Donohoe.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210127/8d0a585e/attachment.htm>

More information about the bind-users mailing list