BIND issue: nsupdate unable to update reverse zone
I have a hunch that this might be the absence of an explicit zone statement in your update. nsupdate has to guess what zone the update applies to when you omit that ("based on the rest of the input" according to the manpage), and I see lots of room for that assumption to be wrong given how many quads deep this zone is.
Failing that, give -v a spin to see if you have better luck with TCP.
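
The explicit zone statement suggested in the answer above, as an added example that is not part of the original post. It builds the nsupdate batch for one PTR record and refuses an address that does not fall inside the named zone; the function names, the 600-second default TTL and the delete-then-add choice are assumptions of this sketch.

```shell
#!/bin/sh
# Added example, not from the original thread. reverse_name and
# build_ptr_update are hypothetical helper names.

# reverse_name 10.2.2.5 -> 5.2.2.10.in-addr.arpa.
reverse_name() {
    case $1 in
        ''|*[!0-9.]*) return 1 ;;        # digits and dots only
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                            # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in
            ''|????*) return 1 ;;        # empty or longer than 3 digits
        esac
        [ "$octet" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.in-addr.arpa.\n' "$4" "$3" "$2" "$1"
}

# build_ptr_update IP FQDN ZONE SERVER [TTL]
# Writes the nsupdate commands to stdout; nothing is sent from here.
build_ptr_update() {
    rname=$(reverse_name "$1") || { echo "bad IPv4 address: $1" >&2; return 1; }
    fqdn=${2%.}.                         # force fully qualified names
    zone=${3%.}.
    # Refuse a record that does not live under the zone being named.
    case $rname in
        *".$zone") ;;
        *) echo "$rname is not inside $zone" >&2; return 1 ;;
    esac
    printf 'server %s\n' "$4"
    printf 'zone %s\n' "$zone"           # explicit zone: nsupdate need not guess
    printf 'update delete %s PTR\n' "$rname"   # replace any existing PTR
    printf 'update add %s %s PTR %s\n' "$rname" "${5:-600}" "$fqdn"
    printf 'send\n'
}

# Constructed sample input, using names that appear in the thread's zone file.
build_ptr_update 10.2.2.5 server.example.com 2.2.10.in-addr.arpa ns1.example.com
```

Pipe the output into nsupdate (with -v for TCP, as the answer suggests); whatever key or ACL the server requires for dynamic updates is outside this sketch.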
SOLUTION:
I have no idea why, but it is now working. The only things I did were rndc querylog, which clearly can't have fixed anything by itself, and the following:
# chown -R named:named /var/named
# find . -type d -exec chmod 770 {} \;
# find . -type f -exec chmod 660 {} \;
Now, the funny thing is, I am 99.999% sure that the permissions were already set correctly (owner/group named, with 660 permissions). I mean, I checked the dang permissions at least a dozen times. Oh, the other thing I did was to delete the zero-length db.2.2.10.in-addr.arpa.jnl, and restart named, to allow it to recreate it. It recreated it properly (though with 644 permissions), and it worked from there on out. I'm baffled for the exact reason it's working, but I'll take it! Thanks everyone for your effort.
EDIT:
It looks as if my reverse zone file got updated somehow (I'm assuming via nsupdate). I'm posting it here in case it helps. Note the difference from my originally posted 2.2.10.in-addr.arpa zone in my original question. I feel like the differences are trivial enough to not make a difference in functionality, but of course, I'm far from an expert.
$ORIGIN .
$TTL 600        ; 10 minutes
2.2.10.in-addr.arpa     IN SOA  ns1.example.com. root.example.com. (
                                4          ; serial
                                604800     ; refresh (1 week)
                                86400      ; retry (1 day)
                                2419200    ; expire (4 weeks)
                                604800     ; minimum (1 week)
                                )
                        NS      ns1.example.com.
$ORIGIN 2.2.10.in-addr.arpa.
10                      PTR     a.example.com.
11                      PTR     b.example.com.
15                      PTR     c.example.com.
96                      PTR     d.example.com.
55                      PTR     3.example.com.
5                       PTR     server.example.com.