DNS: Create a Reverse Zone File

30 minutes
  • 6 Learning Objectives

About this Hands-on Lab

Creating reverse zones is a crucial part of DNS server configuration and is what makes reverse name service lookups work. In this video, we will see how to configure the zone in `/etc/named.conf` and create the Start of Authority record as well as the other records in the reverse zone file. Then we'll test our configuration with a reverse query.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Get the IP Address for the Primary Interface for the Lab Server

Record the IP address for the primary interface:

ifconfig -a

Add the Reverse Zone Configuration to the /etc/named.conf File. Then Run the named-checkconf Command to Verify the Configuration

vim /etc/named.conf

Take the last three octets of the public IP address and enter them in reverse where you see xx.xx.xxx (such as 11.31.172). Insert the zone configuration just before the include statements at the bottom of the file:

zone "xx.xx.xxx.in-addr.arpa" {
   type master;
   file "/var/named/xx.xx.xxx.db";
};

Then run the named-checkconf command to verify the configuration.

named-checkconf

Create the Reverse Zone File and Check the Configuration for Syntax Errors with named-checkzone

  1. Create the reverse zone file:
    vim /var/named/xx.xx.xxx.db
  2. Enter the following:
    $TTL    86400
    @       IN      SOA     nameserver.mylabserver.com. root.mylabserver.com. (
                              10030         ; Serial
                               3600         ; Refresh
                               1800         ; Retry
                             604800         ; Expiry
                              86400         ; Minimum TTL
    )
    ; Name Server
    @        IN      NS       nameserver.mylabserver.com.
    ; PTR Record Definitions
    93       IN      PTR       nameserver.mylabserver.com.
    30       IN      PTR       mailprod.mylabserver.com.
    72       IN      PTR       mailbackup.mylabserver.com.
    ; Mail Exchange Records
    @       IN  MX  10  mailprod.mylabserver.com.
    @       IN  MX  20  mailbackup.mylabserver.com.
  3. Run the named-checkzone command to check the zone file for syntax errors. The first argument is the zone name as declared in /etc/named.conf:
    named-checkzone xx.xx.xxx.in-addr.arpa /var/named/xx.xx.xxx.db

Change the File Permissions and the Group Owner for /var/named/xx.xx.xxx.db

  1. Change the file permissions for /var/named/xx.xx.xxx.db:
    chmod 760 /var/named/xx.xx.xxx.db
  2. Change the group owner of the file to named:
    chgrp named /var/named/xx.xx.xxx.db

Restart the named Service

systemctl restart named

Run a Query to Test the Configuration

nslookup x.x.x.x localhost

Replace x.x.x.x with the IP address that ifconfig -a returned earlier.
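
The following is an added example, not part of the lab's own material. It derives a /24 reverse zone name from an address, matching the 11.31.172 example above, and lints PTR lines for two mistakes that named-checkzone accepts as valid syntax: a target without its trailing dot, which gets the zone origin appended, and an owner that is not a single host octet. The function names, the address 172.31.11.93 and the sample zone text are constructed; check_ptr assumes dig is installed and named is running.

```shell
#!/bin/sh
# Added example: function names and sample data are constructed.

# Print the /24 reverse zone for an IPv4 address: its three network octets,
# reversed, under in-addr.arpa. Fails on anything that is not a dotted quad.
reverse_zone() (
  IFS=.; set -f; set -- $1
  [ $# -eq 4 ] || exit 1
  for o in "$@"; do
    case $o in ''|*[!0-9]*) exit 1 ;; esac
    [ "$o" -le 255 ] || exit 1
  done
  echo "$3.$2.$1.in-addr.arpa"
)

# Lint PTR lines (layout "owner IN PTR target", as in the lab's zone file) read
# from stdin. Prints one line per problem; returns non-zero if any was found.
lint_ptr() {
  awk '
    { sub(/;.*/, "") }                          # strip comments
    $2 == "IN" && $3 == "PTR" {
      if ($1 !~ /^[0-9]+$/ || $1 + 0 > 255) {
        print "line " NR ": owner \"" $1 "\" is not a host octet (0-255)"; bad = 1
      }
      if ($4 !~ /\.$/) {
        print "line " NR ": target \"" $4 "\" lacks the trailing dot"; bad = 1
      }
    }
    END { exit bad + 0 }
  '
}

# Live check: ask the local server for the PTR of address $1 and compare it
# with the expected name $2 (needs dig and a running named).
check_ptr() {
  [ "$(dig +short -x "$1" @localhost)" = "$2" ]
}

# Constructed sample: one correct PTR line and two deliberately broken ones.
SAMPLE_ZONE='93   IN  PTR  nameserver.mylabserver.com.
30   IN  PTR  mailprod.mylabserver.com      ; dot missing
172.31.11.72 IN PTR mailbackup.mylabserver.com.'

reverse_zone 172.31.11.93
printf '%s\n' "$SAMPLE_ZONE" | lint_ptr || echo "zone file needs fixing"
```

On the lab server, pipe the real file through the linter with `lint_ptr < /var/named/xx.xx.xxx.db` before restarting named.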

Additional Resources

ABC Company is currently in the process of setting up its own internally-hosted DNS service. The next phase of the project is to create the reverse zones. The DNS administrator fell sick and is unavailable, but the project has a tight timeline. We have been designated as a resource to create the reverse zone and maintain files until the DNS Administrator returns.

To complete this lab, we'll need to use the vim command to add the zone configuration to the /etc/named.conf file. Then, create a reverse zone file. Also, create the following records in the reverse zone file:

  • TTL Record
  • SOA Record
  • Name Server
  • PTR Records:
    • nameserver.mylabserver.com.
    • mailprod.mylabserver.com.
    • mailbackup.mylabserver.com.
