PTR request not working

tomcat667 · March 29, 2023, 7:56am

Hi, I have a vyos with a internal network 192.168.0.1/24
DNS forwading allowed the dns server 10.10.0.10
Outside this network I have a network with 10.10.0.1/24 with a DNS Server 10.10.0.10

10.10.0.0/24 on this network nslookup with reverse dns works fine and show me the PTR

inside the Vyos network dns forward works fine but not the reserve lookup for the PTR.
nslookup on windows says Non-existent domain

Any idea why the PTR is not working inside the vyos network?

a.hajiyev · March 29, 2023, 11:38am

Hi, @tomcat667 which version of VyOS are you using?

tomcat667 · March 29, 2023, 12:04pm

VyOS 1.4-rolling-202301310634
  Tue 31 Jan 2023 06:34 UTC

a.hajiyev · March 29, 2023, 12:48pm

Hi, @tomcat667
I have checked in my lab (VyOS 1.3.2 and VyOS 1.4-rolling-202303170317) DNS Forwarding (checked both Forward Lookup Zone and Reverse Lookup Zone) version is working.

tomcat667 · March 29, 2023, 12:53pm

thanks for testing, my dns config is this

PS C:\> nslookup 10.10.0.15
Server:  vyostest.local
Address:  192.168.0.1

*** vyostest.local can't find 10.10.0.15: Non-existent domain

   dns {
        forwarding {
            allow-from 192.168.0.0/24
            cache-size 0
            listen-address 192.168.0.1
            name-server 10.10.0.10
            name-server 10.10.0.11
        }

any idea why

a.hajiyev · March 29, 2023, 1:19pm

@tomcat667 I think your configuration is OK
In my lab, I used Ubuntu 22.04 as the user host.

and it is working.
Please check configurations both in both side routers and the DNS server as well.

a.hajiyev · March 29, 2023, 1:32pm

@tomcat667 I have checked on windows machine as well
Here is the result:

tomcat667 · March 30, 2023, 5:22am

thank you so much for helping, then i must search forward

tomcat667 · March 31, 2023, 11:58am

can you please share your config from your test vyos?

i have started from scratch but it will not work correctly.

That is my config from scratch

 show configuration
interfaces {
    ethernet eth0 {
        address dhcp
       
    }
    ethernet eth1 {
        address 192.168.0.1/24
        
    }
    loopback lo {
    }
}
nat {
    source {
        rule 100 {
            outbound-interface eth0
            source {
                address 192.168.0.0/24
            }
            translation {
                address masquerade
            }
        }
    }
}
service {
    dns {
        forwarding {
            allow-from 192.168.0.0/24
            cache-size 0
            dhcp eth0
            listen-address 192.168.0.1
            system
        }
    }
    ntp {
        allow-client {
            address 0.0.0.0/0
            address ::/0
        }
        server time1.vyos.net {
        }
        server time2.vyos.net {
        }
        server time3.vyos.net {
        }
    }
    ssh {
        port 22
    }
}
system {
    config-management {
        commit-revisions 100
    }
    conntrack {
        modules {
            ftp
            h323
            nfs
            pptp
            sip
            sqlnet
            tftp
        }
    }
    console {
        device ttyS0 {
            speed 115200
        }
    }
    host-name vyos
    login {
        user vyos {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
        }
    }
    name-server eth0
    syslog {
        global {
            facility all {
                level info
            }
            facility protocols {
                level debug
            }
        }
    }
}

a.hajiyev · March 31, 2023, 5:35pm

Hi @tomcat667 I had configured VyOS from scratch.
There were just
IP configuration
Static Routing
DNS forwarding

dns {
forwarding {
allow-from 192.168.0.0/24
cache-size 0
listen-address 192.168.0.1
name-server 10.10.0.10
}

a.hajiyev · April 1, 2023, 4:38am

Hi, again @tomcat667. I used 2 routers. 1 was on the client side (DNS Forwarder) another was on the DNS server side. This is the configuration commands output:

R-01 configuration (DNS Forwarder)

set interfaces ethernet eth0 address ‘172.16.11.1/24’
set interfaces ethernet eth0 description ‘Link-to-WAN’

set interfaces ethernet eth1 address ‘192.168.0.1/24’
set interfaces ethernet eth1 description ‘Link-to-LAN’
set interfaces ethernet eth1 hw-id ‘0c:93:d0:e4:00:01’

set protocols static route 10.10.0.0/24 next-hop 172.16.11.2

set service dns forwarding allow-from ‘192.168.0.0/24’
set service dns forwarding cache-size ‘0’
set service dns forwarding listen-address ‘192.168.0.1’
set service dns forwarding name-server ‘10.10.0.10’

R-02 configuration (DNS Server)

set interfaces ethernet eth0 address ‘172.16.11.2/24’
set interfaces ethernet eth0 description ‘Link-to-WAN’

set interfaces ethernet eth1 address ‘10.10.0.1/24’
set interfaces ethernet eth1 description ‘Link-to-LAN’

set protocols static route 192.168.0.0/24 next-hop 172.16.11.1

I did a simple configuration just for testing the Forward/Reverse Lookup Zone.
Used VyOS releases 1.3.2 and 1.4-rolling-202303170317.
For additional information, you may visit VyOS documentation
https://docs.vyos.io/en/equuleus/configuration/service/dns.html?highlight=dns
https://docs.vyos.io/en/latest/configuration/service/dns.html?highlight=dns

tomcat667 · April 4, 2023, 7:52am

I found the solution for my issue

set service dns forwarding no-serve-rfc1918

and i get a PTR inside my Vyos network

thanks for helping and debugging

system · April 6, 2023, 11:05am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.