I'd like to run some things on Kubernetes and I kind of need/want a DNS service for it, so I set up a tiny VM with OpenBSD, nsd and unbound. I followed the setup guide from calomel and forward lookup works fine as expected, just the reverse lookup never works. Since I'm doing this in my homelab environment, the range that I create my zone for is 192.168.2.0/24. Trying to figure this out on my own, I stumbled upon a post somewhere where it was mentioned that unbound manages some zones and that they need to be "overwritten", specifically 168.192.in-addr.arpa., which my range falls into.
After having configured the local-zone and tried multiple other things, I am still unable to do a reverse lookup and I have lost my patience with it.
What am I not seeing?
unbound
```
server:
    access-control: 192.168.2.0/24 allow
    auto-trust-anchor-file: "/var/unbound/db/root.key"
    do-not-query-localhost: no
    domain-insecure: example.net
    domain-insecure: 2.168.192.in-addr.arpa
    hide-identity: yes
    hide-version: yes
    insecure-lan-zones: yes
    interface: 192.168.2.31
    local-zone: example.net nodefault
    local-zone: 2.168.192.in-addr.arpa nodefault
    num-threads: 1
    prefetch: yes
    private-domain: example.net
    private-domain: 2.168.192.in-addr.arpa
    qname-minimisation: yes
    root-hints: "/var/unbound/db/root.hints"

stub-zone:
    name: "example.net"
    stub-addr: 127.0.0.1

stub-zone:
    name: "2.168.192.in-addr.arpa"
    stub-addr: 127.0.0.1

forward-zone:
    name: "*"
    forward-addr: 192.168.2.1
```
nsd
```
server:
    ip-address: 127.0.0.1
    port: 53
    server-count: 1
    ip4-only: yes
    hide-version: yes
    identity: ""

zone:
    name: example.net
    zonefile: master/example.net.forward

zone:
    name: 2.168.192.in-addr.arpa
    zonefile: master/2.168.192.in-addr.arpa.reverse
```
forward
```
$ORIGIN .
$TTL 3600 ; 1 hour
example.net IN SOA ns.example.net. admin.example.net. (
                1      ; serial
                86400  ; refresh (1 day)
                3600   ; retry (1 hour)
                604800 ; expire (1 week)
                3600   ; minimum (1 hour)
                )
        NS ns.example.net.
$ORIGIN example.net.
ns   A 192.168.2.31
test A 192.168.2.155
```
reverse
```
$ORIGIN .
$TTL 3600 ; 1 hour
2.168.192.in-addr.arpa IN SOA ns.example.net. admin.example.net. (
                1      ; serial
                86400  ; refresh (1 day)
                3600   ; retry (1 hour)
                604800 ; expire (1 week)
                3600   ; minimum (1 hour)
                )
        NS ns.example.net.
$ORIGIN 2.168.192.in-addr.arpa.
31  PTR ns.example.net.
155 PTR test.example.net.
```
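
An added example, not part of the original post: a forward/reverse consistency check over the A and PTR records from the two zone files above, expanding relative names against `$ORIGIN` the way a name server does. The parser is a simplified sketch that assumes one `owner TYPE rdata` record per line, and the function names are hypothetical.

```python
import ipaddress

# A/PTR records copied from the zone files in the post (SOA and NS left out).
FORWARD = """\
$ORIGIN example.net.
ns   A 192.168.2.31
test A 192.168.2.155
"""
REVERSE = """\
$ORIGIN 2.168.192.in-addr.arpa.
31  PTR ns.example.net.
155 PTR test.example.net.
"""

def absolute(name, origin):
    """Expand a relative name against $ORIGIN; names ending in '.' are already absolute."""
    if name.endswith("."):
        return name.lower()
    return (name + "." + origin.lstrip(".")).lower()

def parse(text):
    """Return {(owner_fqdn, type): rdata} for simple 'owner TYPE rdata' lines."""
    origin, records = ".", {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) == 2 and fields[0] == "$ORIGIN":
            origin = fields[1]
        elif len(fields) == 3 and fields[1] in ("A", "PTR"):
            owner, rtype, rdata = fields
            if rtype == "PTR":
                rdata = absolute(rdata, origin)  # a PTR target without a trailing dot is relative too
            records[(absolute(owner, origin), rtype)] = rdata
    return records

def check(forward_text, reverse_text):
    """Map each A owner to (reverse query name, PTR target found, whether it points back)."""
    fwd, rev = parse(forward_text), parse(reverse_text)
    results = {}
    for (owner, rtype), addr in fwd.items():
        if rtype == "A":
            qname = ipaddress.ip_address(addr).reverse_pointer + "."
            target = rev.get((qname, "PTR"))
            results[owner] = (qname, target, target == owner)
    return results

if __name__ == "__main__":
    for owner, (qname, target, ok) in check(FORWARD, REVERSE).items():
        print(f"{owner:20} {qname:28} -> {target}  {'OK' if ok else 'MISMATCH'}")
```

A pass here only says the zone data is consistent; it does not exercise nsd or unbound.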