Task 1: Configure the Domain Nameserver

Task 1.a: Configure the Nameserver for example.com

All configuration files of BIND9 are located at /etc/bind.

The primary config file (named.conf) is the same across nameservers:

root@9fa907fa9339 /etc/bind # cat named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
// structure of BIND configuration files in Debian, *BEFORE* you customize 
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
 
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

The first time I restart the named service, I get this error:

root@9fa907fa9339 / # service named restart
 * Stopping domain name service... named
 * rndc: connect failed: 127.0.0.1#953: connection refused
                                                                                              [ OK ]
 * Starting domain name service... named                                                      [fail]

Running named-checkconf -zj shows the problem:

root@9fa907fa9339 / # named-checkconf -zj
/etc/bind/named.conf.zones:1: zone 'example.com': already exists previous definition: /etc/bind/named.conf.zones:1
/etc/bind/named.conf.zones:1: writeable file '/etc/bind/zones/example.com.': already in use: /etc/bind/named.conf.zones:1

It turns out, the named.conf.local file includes named.conf.zones twice:

root@9fa907fa9339 /etc/bind # cat named.conf.local
//
// Do any local configuration here
//
 
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
 
include "/etc/bind/named.conf.zones";

The zone file that defines DNS records for example.com:

root@9fa907fa9339 /etc/bind/zones # cat example.com. 
$TTL 300
$ORIGIN example.com.
@ SOA ns1.example.com. admin.example.com. 591463081 900 900 1800 60
 
@ NS ns1.example.com.
ns1.example.com. A 10.154.0.71
 
www A 10.154.0.72
abc A 19.154.0.73

Quote

In the zone file, domain names that end with a full stop character (i.e., the dot), are fully qualified while those that do not end with a full stop are relative to the current origin. For example, in the above example, ns1.example.com. is a full name, while www example refers to www.example.com.

Syntax: $ORIGIN domain-name [comment]

$ORIGIN sets the domain name that is appended to any unqualified records. When a zone is first read, there is an implicit $ORIGIN <zone_name>.; note the trailing dot. The current $ORIGIN is appended to the domain specified in the $ORIGIN argument if it is not absolute.

$ORIGIN example.com.
www     CNAME   main-server

is equivalent to

www.example.com. CNAME main-server.example.com.

When used in the label (or name) field, the asperand or at-sign (@) symbol represents the current origin. In the above example, it is example.com.

The “.” at the end of “com” represents the cut before the root and is in parentheses because it is implied. The root itself is the null label "", so does not appear.
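
The expansion rules quoted above, applied to the example.com zone file. This is an added example, not part of the original write-up: the CNAME line, the NS line without a trailing dot, and the relative `$ORIGIN lab` are constructed to show how unqualified names pick up the current origin, including the common mistake of leaving the dot off a name that is already complete.

```python
# Added example. ZONE is constructed from the example.com zone file above;
# lines marked "constructed" are not on the original page.
ZONE = """\
$TTL 300
$ORIGIN example.com.
@ SOA ns1.example.com. admin.example.com. 591463081 900 900 1800 60
@ NS ns1.example.com.
ns1.example.com. A 10.154.0.71
www A 10.154.0.72
ftp CNAME www            ; constructed: relative target
@ NS ns2.example.com     ; constructed mistake: trailing dot missing
$ORIGIN lab              ; constructed: relative origin
host1 A 10.154.0.80      ; constructed
"""

TYPES = {"A", "NS", "CNAME", "PTR", "SOA"}
# Positions in the RDATA that hold domain names and are therefore expanded.
NAME_FIELDS = {"NS": (0,), "CNAME": (0,), "PTR": (0,), "SOA": (0, 1)}


def qualify(name, origin):
    """Return the absolute form of name under the current origin."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name                                  # already fully qualified
    return name + "." if origin == "." else f"{name}.{origin}"


def expand_zone(text, zone_name):
    """Return (owner, type, rdata) tuples with every name made absolute.

    Simplification: every record line carries an explicit owner name, as in
    the zone files on this page (no blank-owner continuation lines).
    """
    origin = qualify(zone_name, ".")                 # implicit $ORIGIN <zone_name>.
    records = []
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()        # drop comments, tokenize
        if not fields or fields[0] == "$TTL":
            continue
        if fields[0] == "$ORIGIN":
            origin = qualify(fields[1], origin)      # relative origins nest
            continue
        idx = next(i for i, f in enumerate(fields) if i > 0 and f in TYPES)
        rtype, rdata = fields[idx], fields[idx + 1:]
        for pos in NAME_FIELDS.get(rtype, ()):
            rdata[pos] = qualify(rdata[pos], origin)
        records.append((qualify(fields[0], origin), rtype, " ".join(rdata)))
    return records


def doubled_origin(records, zone_name):
    """Records where the origin was appended to an already complete name."""
    zone = qualify(zone_name, ".")
    return [r for r in records if zone + zone in r[0] or zone + zone in r[2]]


if __name__ == "__main__":
    for record in expand_zone(ZONE, "example.com"):
        print(*record)
    print("suspect:", doubled_origin(expand_zone(ZONE, "example.com"), "example.com"))
```

The NS line without the trailing dot expands to ns2.example.com.example.com., a name that resolves nowhere; named-checkzone reports the same expanded name when run against a real zone file.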

When testing with the nameserver of example.com at IP 10.154.0.71 for www.example.com, I expect the answer would be 10.154.0.72:

root@9fa907fa9339 /etc/bind/zones # dig @10.154.0.71 www.example.com
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.154.0.71 www.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23292
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 8a6c0bc3f24198990100000066cdec43e43639f606c80936 (good)
;; QUESTION SECTION:
;www.example.com.		IN	A
 
;; ANSWER SECTION:
www.example.com.	300	IN	A	10.154.0.72
 
;; Query time: 0 msec
;; SERVER: 10.154.0.71#53(10.154.0.71) (UDP)
;; WHEN: Tue Aug 27 15:09:55 UTC 2024
;; MSG SIZE  rcvd: 88

Task 1.b: Configure Nameserver for Another Domain

Our domain should be quan2024.edu.

First, we add an entry into the named.conf.zones file for our domain:

root@9ab9aedee6d5 /etc/bind # cat named.conf.zones 
zone "quan2024.edu" {
  type master; # this is the master server
  allow-update { any; };
  file "/etc/bind/zones/quan2024.edu."; # the actual zone file
};

Then, we add the zone file /etc/bind/zones/quan2024.edu.:

root@9ab9aedee6d5 /etc/bind/zones # cat quan2024.edu. 
$TTL 300
$ORIGIN quan2024.edu.
@ SOA ns1.quan2024.edu. admin.quan2024.edu. 1724772781 900 900 1800 60
@ NS ns1.quan2024.edu.
 
ns1.quan2024.edu. A 10.162.0.73
www A 10.162.0.71
abc A 10.162.0.72

Remember to delete the duplicated include line in named.conf.local.

Restart the named service and send a DNS query to the nameserver of quan2024.edu to resolve www.quan2024.edu.

root@9ab9aedee6d5 /etc/bind/zones # dig @10.162.0.73 www.quan2024.edu
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.162.0.73 www.quan2024.edu
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22794
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 7f9021404d6c9cac0100000066cdf1ef00fd4c31025f5606 (good)
;; QUESTION SECTION:
;www.quan2024.edu.		IN	A
 
;; ANSWER SECTION:
www.quan2024.edu.	300	IN	A	10.162.0.71
 
;; Query time: 0 msec
;; SERVER: 10.162.0.73#53(10.162.0.73) (UDP)
;; WHEN: Tue Aug 27 15:34:07 UTC 2024
;; MSG SIZE  rcvd: 89

Task 2: Configure the TLD Servers

Quote

All the nameservers within a TLD domain must register their nameservers with this TLD server; otherwise, nobody can find them. For each domain, such as example.com, we need to add two records in the com server’s zone file: an NS record and an A record. The NS record specifies the nameserver for the example.com domain, while the A record specifies the IP address of the nameserver.

Task 2.a: Register example.com

First, we will configure the master nameserver of com in its zone file:

root@cd1cbc84c675 /etc/bind # cat zones/com. 
$TTL 300
$ORIGIN com.
@ SOA ns1.com. admin.com. 4182639562 900 900 1800 60
ns1.com. A 10.151.0.72
@ NS ns1.com.
ns2.com. A 10.161.0.72
@ NS ns2.com.
 
example NS ns1.example.com.
ns1.example.com. A 10.154.0.71

Explanation for the last two lines:

  1. NS record: specifies the nameserver for the example.com domain, which is ns1.example.com.
  2. A record: specifies the IP of the nameserver ns1.example.com.

Test the configuration:

root@cd1cbc84c675 /etc/bind # dig @10.151.0.72 www.example.com
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.151.0.72 www.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3100
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 2
;; WARNING: recursion requested but not available
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 711ed4ddfc2e8a220100000066cf3510cd683635db769ebb (good)
;; QUESTION SECTION:
;www.example.com.		IN	A
 
;; AUTHORITY SECTION:
example.com.		300	IN	NS	ns1.example.com.
 
;; ADDITIONAL SECTION:
ns1.example.com.	300	IN	A	10.154.0.71
 
;; Query time: 4 msec
;; SERVER: 10.151.0.72#53(10.151.0.72) (UDP)
;; WHEN: Wed Aug 28 14:32:48 UTC 2024
;; MSG SIZE  rcvd: 106

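As we can see, the com nameserver does not answer the query itself. It returns a referral: the NS record for example.com in the authority section and the IP of ns1.example.com, the nameserver of the example.com domain, in the additional section.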

We stop/start the named service on the secondary com nameserver to synchronize the zone file:

root@5007e5a98a40 /etc/bind # service named stop
 * Stopping domain name service... named                                                                                          
 * waiting for pid 253 to die
                                                                                                                           [ OK ]
root@5007e5a98a40 /etc/bind # service named start
 * Starting domain name service... named                                                                                   [ OK ] 
root@5007e5a98a40 /etc/bind # service named status
 * bind is running

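The zone file should be transferred to the /etc/bind/zones folder. BIND stores transferred zones in its binary raw format by default, so cat prints unreadable bytes: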

root@5007e5a98a40 /etc/bind # cat ./zones/com.                
examplecomns1examplecom+,ns1examplecom	ns1com	ns2com4,
�G#,	ns1com
�H#,	ns2com
�H#  

Test the configuration:

root@5007e5a98a40 /etc/bind # dig @10.161.0.72 www.example.com
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.161.0.72 www.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1767
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 2
;; WARNING: recursion requested but not available
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 3049633056dadc4d0100000066cf37c3df7b91a6d6c05bb1 (good)
;; QUESTION SECTION:
;www.example.com.		IN	A
 
;; AUTHORITY SECTION:
example.com.		300	IN	NS	ns1.example.com.
 
;; ADDITIONAL SECTION:
ns1.example.com.	300	IN	A	10.154.0.71
 
;; Query time: 0 msec
;; SERVER: 10.161.0.72#53(10.161.0.72) (UDP)
;; WHEN: Wed Aug 28 14:44:19 UTC 2024
;; MSG SIZE  rcvd: 106

The nameserver returns the IP of ns1.example.com as expected.

Task 2.b: Register <NAME><YEAR>.edu

The zone file:

root@4cbc76deac15 /etc/bind # cat zones/edu. 
$TTL 300
$ORIGIN edu.
@ SOA ns1.edu. admin.edu. 91397174 900 900 1800 60
ns1.edu. A 10.152.0.71
@ NS ns1.edu.
 
quan2024 NS ns1.quan2024.edu.
ns1.quan2024.edu. A 10.162.0.73

Test the configuration:

root@4cbc76deac15 /etc/bind # dig @10.152.0.71 www.quan2024.edu
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.152.0.71 www.quan2024.edu
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36025
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 2
;; WARNING: recursion requested but not available
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: e7ef8a771664ffbb0100000066cf3af2f79c4b3ed5439959 (good)
;; QUESTION SECTION:
;www.quan2024.edu.		IN	A
 
;; AUTHORITY SECTION:
quan2024.edu.		300	IN	NS	ns1.quan2024.edu.
 
;; ADDITIONAL SECTION:
ns1.quan2024.edu.	300	IN	A	10.162.0.73
 
;; Query time: 3 msec
;; SERVER: 10.152.0.71#53(10.152.0.71) (UDP)
;; WHEN: Wed Aug 28 14:57:54 UTC 2024
;; MSG SIZE  rcvd: 107

As we can see, the edu nameserver returns the IP of the ns1.quan2024.edu nameserver.

Task 3: Configure the Root Servers

Info

In the real world, there are 13 nameservers for the root zone, and they are synchronized through the root zone file maintained by IANA.

Configure the zone files of both root nameservers like this:

root@69ed5ecb0bfe /etc/bind # cat zones/root 
$TTL 300
$ORIGIN .
@ SOA ns1. admin. 567747005 900 900 1800 60
ns1. A 10.150.0.72
@ NS ns1.
ns2. A 10.160.0.72
@ NS ns2.
 
com NS ns1.com.
ns1.com. A 10.151.0.72
com NS ns2.com.
ns2.com. A 10.161.0.72
edu NS ns1.edu.
ns1.edu. A 10.152.0.71

Test the configuration of the first root nameserver:

root@69ed5ecb0bfe /etc/bind # dig @10.150.0.72 example.com
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.150.0.72 example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32509
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 3
;; WARNING: recursion requested but not available
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: d664e756339ae2840100000066cf3dcc954fe19bdd562422 (good)
;; QUESTION SECTION:
;example.com.			IN	A
 
;; AUTHORITY SECTION:
com.			300	IN	NS	ns2.com.
com.			300	IN	NS	ns1.com.
 
;; ADDITIONAL SECTION:
ns2.com.		300	IN	A	10.161.0.72
ns1.com.		300	IN	A	10.151.0.72
 
;; Query time: 0 msec
;; SERVER: 10.150.0.72#53(10.150.0.72) (UDP)
;; WHEN: Wed Aug 28 15:10:04 UTC 2024
;; MSG SIZE  rcvd: 136

As we can see, the root nameserver answers with two com nameservers.

root@69ed5ecb0bfe /etc/bind # dig @10.150.0.72 edu
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.150.0.72 edu
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58718
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 2
;; WARNING: recursion requested but not available
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: a6cd3bcdec9d71e20100000066cf3defa63e2b71ff01e31d (good)
;; QUESTION SECTION:
;edu.				IN	A
 
;; AUTHORITY SECTION:
edu.			300	IN	NS	ns1.edu.
 
;; ADDITIONAL SECTION:
ns1.edu.		300	IN	A	10.152.0.71
 
;; Query time: 0 msec
;; SERVER: 10.150.0.72#53(10.150.0.72) (UDP)
;; WHEN: Wed Aug 28 15:10:39 UTC 2024
;; MSG SIZE  rcvd: 94

The root nameserver answers with one edu nameserver.

Task 4: Configure the Local DNS Server

Quote

When we configure the root, TLD, and domain nameservers, we configure them to be non-recursive, i.e., they will only tell you what they know, and they will not conduct the entire resolution process to get the final answer for you. When we configure the local DNS server, we turn on the recursive option (see the following), so it will get the answer for you.

Quote

The local DNS server needs to know the IP addresses of the root servers.

When the IP addresses in the hint file of the DNS resolver are changed to addresses that do not exist, the query times out:

root@17a5d3d1e649 /etc/bind # dig @10.153.0.53 example.com
;; communications error to 10.153.0.53#53: timed out
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.153.0.53 example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 19227
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 0bc2c5c41bb0171e0100000066d087722aa1f393b56c6a69 (good)
;; QUESTION SECTION:
;example.com.			IN	A
 
;; Query time: 5005 msec
;; SERVER: 10.153.0.53#53(10.153.0.53) (UDP)
;; WHEN: Thu Aug 29 14:36:34 UTC 2024
;; MSG SIZE  rcvd: 68

Task 5: Configure the Client

Configure a host named host_0 in the AS-155 network, then perform DNS resolution:

root@4cb7744d492c / # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
714: net0@if715: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc tbf state UP group default qlen 1000
    link/ether 02:42:0a:80:10:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.155.0.71/24 scope global net0
       valid_lft forever preferred_lft forever
 
root@4cb7744d492c / # cat /etc/resolv.conf 
nameserver 10.153.0.53
nameserver 10.163.0.53
options ndots:0
 
root@4cb7744d492c / # dig www.example.com
; <<>> DiG 9.16.1-Ubuntu <<>> www.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25012
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 0cf9a05331335bcf0100000066d08de15e9f031cb49bdb41 (good)
;; QUESTION SECTION:
;www.example.com.               IN      A
 
;; ANSWER SECTION:
www.example.com.        300     IN      A       10.154.0.72
 
;; Query time: 24 msec
;; SERVER: 10.153.0.53#53(10.153.0.53)
;; WHEN: Thu Aug 29 15:04:01 UTC 2024
;; MSG SIZE  rcvd: 88

To trace the packets, we first need to flush the DNS cache of the DNS resolver. Then, we use the following filter to capture DNS packets:

udp and port 53

Perform the DNS resolution again while capturing packets with the Emulator.

Packet trace:

  1. Global DNS-1
  2. DNS-Root-A
  3. DNS-COM-B
  4. DNS-Example

Subsequent DNS queries for www.example.com will be answered immediately by the DNS resolver due to caching.

Task 6: Reverse DNS Lookup

Quote

From RFC1035: to create a reverse DNS entry for an IPv4 address, take part of the address, reverse it, append “.in-addr.arpa” to it and use that name for a new zone.

Task 6.a: Configure Root Nameservers

First, we will specify the nameservers for the top-level domain in-addr.arpa in /etc/bind/zones/root on both root nameservers:

root@69ed5ecb0bfe /etc/bind # cat zones/root
$TTL 300
$ORIGIN .
@ SOA ns1. admin. 567747005 900 900 1800 60
ns1. A 10.150.0.72
@ NS ns1.
ns2. A 10.160.0.72
@ NS ns2.
 
com NS ns1.com.
ns1.com. A 10.151.0.72
com NS ns2.com.
ns2.com. A 10.161.0.72
edu NS ns1.edu.
ns1.edu. A 10.152.0.71
 
in-addr.arpa NS ns1.in-addr.arpa.
ns1.in-addr.arpa. A 10.151.0.72
in-addr.arpa NS ns2.in-addr.arpa.
ns2.in-addr.arpa. A 10.161.0.72

Try to resolve in-addr.arpa:

root@69ed5ecb0bfe /etc/bind # dig @10.150.0.72 in-addr.arpa
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.150.0.72 in-addr.arpa
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17705
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 3
;; WARNING: recursion requested but not available
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 0a69da9025209e3b0100000066d1e53bfff2cef77b2df3d7 (good)
;; QUESTION SECTION:
;in-addr.arpa.                  IN      A
 
;; AUTHORITY SECTION:
in-addr.arpa.           300     IN      NS      ns2.in-addr.arpa.
in-addr.arpa.           300     IN      NS      ns1.in-addr.arpa.
 
;; ADDITIONAL SECTION:
ns2.in-addr.arpa.       300     IN      A       10.161.0.72
ns1.in-addr.arpa.       300     IN      A       10.151.0.72
 
;; Query time: 4 msec
;; SERVER: 10.150.0.72#53(10.150.0.72) (UDP)
;; WHEN: Fri Aug 30 15:28:59 UTC 2024
;; MSG SIZE  rcvd: 137

Task 6.b: Configure com Nameservers as in-addr.arpa Nameservers

Next, we will configure the com nameservers as in-addr.arpa nameservers. Specifically, add a zone for in-addr.arpa:

root@cd1cbc84c675 /etc/bind # cat named.conf.zones
zone "com." { type master; notify yes; allow-transfer { any; }; file "/etc/bind/zones/com."; allow-update { any; }; };
zone "in-addr.arpa." {
  type master;
  notify yes;
  allow-transfer { any; };
  allow-update { any; };
  file "/etc/bind/zones/in-addr.arpa.";
};

Then, specify the nameserver for the 154.10.in-addr.arpa domain in the zone file /etc/bind/zones/in-addr.arpa.:

root@cd1cbc84c675 /etc/bind # cat zones/in-addr.arpa. 
$TTL 300
$ORIGIN in-addr.arpa.
@ SOA ns1.com. admin.com. 1565237345 900 900 1800 60
@ NS ns1.com.
@ NS ns2.com.
ns1.com. A 10.151.0.72
ns2.com. A 10.161.0.72
 
154.10.in-addr.arpa. NS ns1.154.10.in-addr.arpa.
ns1.154.10.in-addr.arpa. A 10.154.0.71

The IP of the nameserver of 154.10.in-addr.arpa should be the IP of the example.com nameserver.

Try to resolve 154.10.in-addr.arpa:

root@cd1cbc84c675 /etc/bind # dig @10.151.0.72 154.10.in-addr.arpa
 
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> @10.151.0.72 154.10.in-addr.arpa
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54330
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 2
;; WARNING: recursion requested but not available
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: a06d3868467b43f00100000066d1e6b211d94f7a7108c920 (good)
;; QUESTION SECTION:
;154.10.in-addr.arpa.           IN      A
 
;; AUTHORITY SECTION:
154.10.in-addr.arpa.    300     IN      NS      ns1.154.10.in-addr.arpa.
 
;; ADDITIONAL SECTION:
ns1.154.10.in-addr.arpa. 300    IN      A       10.154.0.71
 
;; Query time: 0 msec
;; SERVER: 10.151.0.72#53(10.151.0.72) (UDP)
;; WHEN: Fri Aug 30 15:35:14 UTC 2024
;; MSG SIZE  rcvd: 110
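
The zone statements in named.conf.zones on this page set allow-update { any; } and allow-transfer { any; }, which lets every host that can reach the server submit dynamic updates to the zone or pull a full copy of it; that is acceptable only inside an isolated emulator. The following added example (not part of the original write-up) audits a named.conf.zones file for these open ACLs; the zone "hardened.example." and the key name ddns-key are hypothetical and show what a restricted ACL looks like.

```python
import re

# Added example. CONF is constructed: the com and in-addr.arpa zone blocks are
# copied from this page; "hardened.example." and the key name "ddns-key" are
# hypothetical.
CONF = '''
zone "com." { type master; notify yes; allow-transfer { any; }; file "/etc/bind/zones/com."; allow-update { any; }; };
zone "in-addr.arpa." {
  type master;
  notify yes;
  allow-transfer { any; };
  allow-update { any; };
  file "/etc/bind/zones/in-addr.arpa.";
};
zone "hardened.example." {
  type master;
  # allow-update { any; };   commented out, must not be reported
  allow-transfer { 10.161.0.72; };
  allow-update { key "ddns-key"; };
  file "/etc/bind/zones/hardened.example.";
};
'''

ACL_OPTIONS = r"(allow-update|allow-transfer)\s*\{([^}]*)\}"


def zone_blocks(conf):
    """Yield (zone name, body) for each zone statement, tracking brace depth."""
    conf = re.sub(r"(#|//).*", "", conf)             # strip line comments
    for match in re.finditer(r'zone\s+"([^"]+)"\s*\{', conf):
        depth, pos = 1, match.end()
        while depth and pos < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[pos], 0)
            pos += 1
        yield match.group(1), conf[match.end():pos - 1]


def open_acls(conf):
    """Return (zone, option) pairs whose address match list contains `any`."""
    findings = []
    for zone, body in zone_blocks(conf):
        for option, acl in re.findall(ACL_OPTIONS, body):
            elements = [e.strip() for e in acl.split(";") if e.strip()]
            if "any" in elements:
                findings.append((zone, option))
    return findings


if __name__ == "__main__":
    for zone, option in open_acls(CONF):
        print(f"{zone}: {option} {{ any; }} accepts requests from every address")
```

Outside a lab, the usual replacements for `any` are the addresses of the secondaries for allow-transfer and a TSIG key reference for allow-update, as in the hypothetical third zone.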

Task 6.c: Configure example.com Nameserver as 154.10.in-addr.arpa Nameserver

The next step is to configure the example.com nameserver as the 154.10.in-addr.arpa nameserver:

root@9fa907fa9339 /etc/bind # cat named.conf.zones
zone "example.com." { type master; file "/etc/bind/zones/example.com."; allow-update { any; }; };
zone "154.10.in-addr.arpa." {
  type master;
  notify yes;
  allow-transfer { any; };
  allow-update { any; };
  file "/etc/bind/zones/154.10.in-addr.arpa.";
};

Also add PTR records for reverse lookup into the zone file:

root@9fa907fa9339 /etc/bind # cat zones/154.10.in-addr.arpa. 
$TTL 30
$ORIGIN 154.10.in-addr.arpa.
@ SOA ns1.example.com. admin.example.com. 1635647622 900 900 1800 60
@ NS ns1.example.com.
ns1.example.com. A 10.154.0.71
71.0 IN PTR ns1.example.com.
72.0 IN PTR www.example.com.
73.0 IN PTR abc.example.com.

Use the client from Task 5: Configure the Client to perform the reverse lookup:

root@4cb7744d492c / # dig -x 10.154.0.72
 
; <<>> DiG 9.16.1-Ubuntu <<>> -x 10.154.0.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49021
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 09620b248ddd8a430100000066d1eaf4e54311e366f1d46b (good)
;; QUESTION SECTION:
;72.0.154.10.in-addr.arpa.      IN      PTR
 
;; ANSWER SECTION:
72.0.154.10.in-addr.arpa. 5     IN      PTR     www.example.com.
 
;; Query time: 12 msec
;; SERVER: 10.153.0.53#53(10.153.0.53)
;; WHEN: Fri Aug 30 15:53:24 UTC 2024
;; MSG SIZE  rcvd: 110
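
The resolution path the local DNS server follows in Tasks 4 to 6 can be reproduced offline. This added example (not part of the original write-up) models each nameserver on this page as the records it answers and the child zones it delegates, then follows referrals from the root hints for a forward lookup and for the `dig -x` reverse lookup; the server table is constructed from the zone files above, and the nonexistent hint addresses used to show the SERVFAIL case are assumptions.

```python
import ipaddress

# Added example. Constructed from the zone files on this page: for each server
# IP, the records it answers itself and the child zones it delegates (glue IPs).
COM = {"answers": {}, "delegations": {
    "example.com.": ["10.154.0.71"], "154.10.in-addr.arpa.": ["10.154.0.71"]}}
ROOT = {"answers": {}, "delegations": {
    "com.": ["10.151.0.72", "10.161.0.72"], "edu.": ["10.152.0.71"],
    "in-addr.arpa.": ["10.151.0.72", "10.161.0.72"]}}
SERVERS = {
    "10.150.0.72": ROOT, "10.160.0.72": ROOT,
    "10.151.0.72": COM, "10.161.0.72": COM,
    "10.152.0.71": {"answers": {}, "delegations": {"quan2024.edu.": ["10.162.0.73"]}},
    "10.154.0.71": {"delegations": {}, "answers": {
        ("www.example.com.", "A"): "10.154.0.72",
        ("72.0.154.10.in-addr.arpa.", "PTR"): "www.example.com."}},
    "10.162.0.73": {"delegations": {}, "answers": {
        ("www.quan2024.edu.", "A"): "10.162.0.71"}},
}

def in_zone(qname, apex):
    """True if qname is at or below apex, compared on whole labels."""
    return qname == apex or qname.endswith("." + apex)

def query(servers, server_ip, qname, qtype):
    """One non-recursive query: ('answer', value), ('referral', ips),
    ('empty', None), or ('timeout', None) if no server has that address."""
    server = servers.get(server_ip)
    if server is None:
        return ("timeout", None)
    if (qname, qtype) in server["answers"]:
        return ("answer", server["answers"][(qname, qtype)])
    cuts = [apex for apex in server["delegations"] if in_zone(qname, apex)]
    if cuts:
        return ("referral", server["delegations"][max(cuts, key=len)])
    return ("empty", None)

def resolve(qname, qtype, hints, servers=SERVERS, max_queries=10):
    """Iterate from the hint addresses; return (status, value, trace)."""
    trace, pending = [], list(hints)
    while pending and len(trace) < max_queries:      # bound referral chains
        server_ip = pending.pop(0)
        trace.append(server_ip)
        kind, value = query(servers, server_ip, qname, qtype)
        if kind == "answer":
            return ("NOERROR", value, trace)
        if kind == "empty":
            return ("NOANSWER", None, trace)         # NXDOMAIN or NODATA in real DNS
        if kind == "referral":
            pending = list(value)                    # descend to the child zone's servers
        # on timeout, fall through to the next address still pending
    return ("SERVFAIL", None, trace)

def reverse_name(ip):
    """10.154.0.72 -> 72.0.154.10.in-addr.arpa. (the name `dig -x` queries)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

if __name__ == "__main__":
    print(resolve("www.example.com.", "A", ["10.150.0.72", "10.160.0.72"]))
    print(resolve(reverse_name("10.154.0.72"), "PTR", ["10.150.0.72"]))
```

The trace lists the servers in the order they are queried: root, then a com server, then the example.com server. A real resolver may pick either com server, which is why the capture in Task 5 shows DNS-COM-B.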

Resources