Re: Howto: Setup a DNS server with bind
in reference to
Code:
# This is the zone definition. replace example.com with your domain name
zone "example.com" {
        type master;
        file "/etc/bind/zones/example.com.db";
};
# This is the zone definition for reverse DNS. replace 0.168.192 with your network address in reverse notation - e.g my network address is 192.168.0
zone "0.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};
The box IP I want visible is 10.10.10.2; the router is 10.10.10.1.
Would that make my rev. 0.10.10.10?
Re: Howto: Setup a DNS server with bind
Quote:
Originally Posted by huggy77
in reference to
Code:
# This is the zone definition. replace example.com with your domain name
zone "example.com" {
        type master;
        file "/etc/bind/zones/example.com.db";
};
# This is the zone definition for reverse DNS. replace 0.168.192 with your network address in reverse notation - e.g my network address is 192.168.0
zone "0.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};
The box IP I want visible is 10.10.10.2; the router is 10.10.10.1.
Would that make my rev. 0.10.10.10?
That's correct... you just need the network address.
Re: Howto: Setup a DNS server with bind
What version of Ubuntu has the preconfigured BIND files? I loaded the latest and it does not. Is there a version that has BIND already loaded, or would I still have to load BIND?
Re: Howto: Setup a DNS server with bind
I'm getting this error when trying to start Bind:
Code:
Nov 21 21:59:47 localhost named[10645]: starting BIND 9.3.2 -u bind
Nov 21 21:59:47 localhost named[10645]: found 1 CPU, using 1 worker thread
Nov 21 21:59:47 localhost named[10645]: loading configuration from '/etc/bind/named.conf'
Nov 21 21:59:47 localhost named[10645]: /etc/bind/named.conf:55: unknown option 'forwarders'
Nov 21 21:59:47 localhost named[10645]: loading configuration: failure
Nov 21 21:59:47 localhost named[10645]: exiting (due to fatal error)
Here's the forwarders part in named.conf:
Code:
forwarders {
        205.152.37.23;
};
Any idea what I'm doing wrong? I'm trying to set up a DNS server that'll act as a local cache (Bellsouth's DNS kinda sucks) and so I set up a few internal websites and servers.
Coog
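The log above rejects `forwarders` at line 55 of named.conf, which is what BIND reports when the statement stands at the top level of the file; `forwarders` is accepted inside an `options` block. The following is an added example, not part of the original post, of a caching-resolver `options` block. It assumes the snippet was placed outside `options`; the `directory` path is an assumed Ubuntu default, and the forwarder address is the one from the post.

```conf
// Added example: caching-resolver options for named.conf.
// Assumes the rejected "forwarders" statement stood at the top level of the file.

// Before (rejected with "unknown option 'forwarders'"):
// forwarders {
//         205.152.37.23;
// };

// After: forwarders is a sub-statement of options.
options {
        directory "/var/cache/bind";      // assumed Ubuntu default working directory

        forwarders {
                205.152.37.23;            // upstream resolver from the post
        };

        // Answer recursive queries only for this host and its directly
        // attached networks, so the cache is not an open resolver.
        recursion yes;
        allow-recursion { localhost; localnets; };
};
```

named accepts only one `options` block, so merge these statements into the existing block rather than adding a second one.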
Re: Howto: Setup a DNS server with bind
I've just finished setting this up. When I restart the service I get this error:
rndc: connect failed: connection refused
Any ideas on what I might have done wrong?
Re: Howto: Setup a DNS server with bind
Just wanted to let you guys know: don't use '_' in your server names. For some reason I did this and it wasted hours to find out. Stupid... yes indeed
Re: Howto: Setup a DNS server with bind
stijn_pol, underscores in host names are illegal according to RFCs (I can't remember if it was the DNS RFCs or another one, it was explained on the bind-users list). This was checked in older versions of BIND (for example 8.x); BIND 9.2 didn't perform host name checking, but the feature was reimplemented in BIND 9.3 and that's what I think bit you.
You can work around that using the 'check-names' option, if you're *really* convinced you need underscores in your hostnames.
For diagnosing problems in your BIND configuration, named-checkconf or named-checkzone are your friends. They are part of the BIND source package, although I don't know in which Ubuntu package they are installed.
Re: Howto: Setup a DNS server with bind
To get the DNS to update for DHCP clients, I had to add the "allow-update" directive to the zone:
zone "example.com" {
        type master;
        file "/etc/bind/zones/example.com.db";
        allow-update { 192.168.1.0/24; };
};
Re: Howto: Setup a DNS server with bind
velorider, BIND doesn't accept zone updates by default, which makes sense if you think of the implications of allowing people to update your DNS and redirecting your traffic to who knows what host. Also, 'allow-update' is considered insecure in the BIND 9.3 administrator's manual (see here). The best way is to use something like TSIG. Oh, and did you say you allow DHCP clients to update the DNS? That's also not a good idea: how can you trust a client not to have been hacked and be wreaking havoc on your DNS namespace?
What I'd recommend is to have the DHCP server send the DNS updates, most servers should support that.
Also, if you're running a publicly accessible DNS server, I would suggest checking your configuration with http://www.dnsreport.com, especially the 'open dns server' item.
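The recommendation above, sketched as configuration: the address-based `allow-update` from the earlier post beside a TSIG-keyed one. This is an added example, not from the thread; the key name `dhcp-updater`, the `hmac-sha256` algorithm (which assumes a current BIND 9 release) and the placeholder secret are assumptions.

```conf
// Added example for /etc/bind/named.conf.local.
// Key name, algorithm and secret are assumptions, not values from the thread.

// Before: the ACL matches on source address only, so any host in
// 192.168.1.0/24, or anyone able to spoof such an address, can change records.
// zone "example.com" {
//         type master;
//         file "/etc/bind/zones/example.com.db";
//         allow-update { 192.168.1.0/24; };
// };

// After: an update is accepted only if it carries a valid TSIG signature
// made with this shared secret. Give the same key to the DHCP server alone,
// so that it is the single party able to change the zone.
key "dhcp-updater" {
        algorithm hmac-sha256;
        secret "REPLACE_WITH_BASE64_SECRET";   // placeholder; generate one with tsig-keygen
};

zone "example.com" {
        type master;
        file "/etc/bind/zones/example.com.db";
        allow-update { key "dhcp-updater"; };
};
```

Keep the `key` statement in a separate file readable only by root and the bind user and pull it in with `include`, so the secret is not exposed through a world-readable named.conf.local.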
Re: Howto: Setup a DNS server with bind
Quote:
Originally Posted by hogman23
One more step to get it to work:
You must rename the named.conf.local to named.conf
I want to point out that this isn't correct. The default setup is for named.conf to include named.conf.local. There should be a line at the end of your named.conf which looks like this:
Code:
include "/etc/bind/named.conf.local";
For my setup, I wanted to use BIND to divert all domains ending in ".dev" to a local IP, and to act as a cache for all other requests. This is a nice easy way to set up a local testing environment. Here's how my setup looks:
named.conf.local:
Code:
zone "dev" {
        type master;
        file "/etc/bind/db.dev";
};
zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.192.168.1";
};
db.dev:
Code:
;
; BIND data file for dev sites
;
$TTL    604800
@       IN      SOA     dev. root.dev. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      dev.
@       IN      A       192.168.1.10
*.dev.  14400   IN      A       192.168.1.10
db.192.168.1:
Code:
;
; BIND reverse data file for dev domains
;
$TTL    604800
@       IN      SOA     dev. root.dev. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      dev.
10      IN      PTR     dev.
In this example, 192.168.1.10 is the computer hosting the ".dev" sites. I'm not an expert in this, but my setup seems to be working well. I think it's unfortunate that the syntax of these files is so obscure, compared to Apache's easy-to-read config files.