Univention Bugzilla – Bug 54796
Add possibility for setting disable-empty-zone
Last modified: 2023-10-09 09:22:28 CEST
Szenario: - Multiple IP-Ranges (10/8, 172.16/16) - One Central Router with connection to all IP-Ranges and knowledge over each DNS-Server. - UCS is used as default DNS-Server for IP-Range 10/8. - IP-Range 172.16/16 is split into multiple sub-ranges (e.g. 172.16.10/24, 172.16.11/24, ...) - Each range has it's own DNS-Server, all non-UCS. DNS forward delegation in UCS works perfectly (e.g. test.test1.company is forwarded to central router and from there to DNS-Server of 172.16.10/24, test.test2.company is forwarded to central router and from there to DNS-Server of 172.16.11/24,) PTR delegation in UCS works if the IP range is none-RFC1918 (e.g. 8.8.8.8) PTR delegation in UCS does not work, if IP is RFC1918 (e.g. 172.16.10.2) This is due a default configuration in bind which enables empty-zones: https://kb.isc.org/docs/aa-00800 This config needs to be set in the options-block in named.conf(.samba4). Example: disable-empty-zone "10.IN-ADDR.ARPA"; disable-empty-zone "16.172.IN-ADDR.ARPA"; disable-empty-zone "168.192.IN-ADDR.ARPA"; Currently the only possible options are: - write this into named.conf(.samba4) directly -> would be overwritten at next config-change - edit the corresponding template -> should be avoided whenever possible - create PTR-Records for each host in the corresponding Ranges in UCS -> especially in dynamic and/or big ip-ranges not doable
*** Bug 55942 has been marked as a duplicate of this bug. ***