All,
I just installed a new firewall (fbsd 4.1) and the dns
programs (e.g. bind) have rev'd and use new file formats. :-(
I have my old set of named files, but I can't seem to get
the new named to work. When I attach to it (using nslookup)
queries for my domain time out, but others work fine.
Any ideas what I am doing wrong? Attached are named.conf and
the file for my domain.
Thanks,
-David
----- cut ----- here ----- for ----- named.conf -----
// $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.1 2000/07/15 07:49:29 kris Exp $
//
// Refer to the named(8) man page for details. If you are ever going
// to setup a primary server, make sure you've understood the hairy
// details of how DNS is working. Even with simple mistakes, you can
// break connectivity for affected parties, or cause huge amount of
// useless Internet traffic.
options {
directory "/etc/namedb";
// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
// forward only;
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
/*
forwarders {
207.149.236.6:
207.149.236.7:
};
*/
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
/*
* If running in a sandbox, you may have to specify a different
* location for the dumpfile.
*/
// dump-file "s/named_dump.db";
/*
host { any; } {
topology {
127.0.0.0/8;
};
// Setting up secondaries is way easier and the rough picture for this
// is explained below.
//
// If you enable a local name server, don't forget to enter 127.0.0.1
// into your /etc/resolv.conf so this server will be queried first.
// Also, make sure to enable it in /etc/rc.conf.
zone "." {
type hint;
file "named.root";
type master;
file "localhost.rev";
type master;
file "localhost.rev";
// serve demonstration/documentation purposes!
//
// Example secondary config entries. It can be convenient to become
// a secondary at least for the zone where your own domain is in. Ask
// your network administrator for the IP address of the responsible
// primary.
//
// Never forget to include the reverse lookup (IN-ADDR.ARPA) zone!
// (This is the first bytes of the respective IP address, in reverse
// order, with ".IN-ADDR.ARPA" appended.)
//
// Before starting to setup a primary zone, better make sure you fully
// understand how DNS and BIND works, however. There are sometimes
// unobvious pitfalls. Setting up a secondary is comparably simpler.
//
// NB: Don't blindly enable the examples below. :-) Use actual names
// and addresses instead.
//
// NOTE!!! FreeBSD runs bind in a sandbox (see named_flags in rc.conf).
// The directory containing the secondary zones must be write accessible
// to bind. The following sequence is suggested:
//
// mkdir /etc/namedb/s
// chown bind.bind /etc/namedb/s
// chmod 750 /etc/namedb/s
/*
zone "heathen.com" {
type master;
file "s/heathen.db";
masters {
63.170.215.42;
};
type master;
file "s/lan.rev";
masters {
192.168.2.1;
};
type slave;
file "s/northwest.rev";
masters {
207.149.236.6;
};
type slave;
file "s/idiom.rev";
masters {
209.209.60.131;
};
----- cut ----- here ----- for ----- heathen.db -----
;
; Authoritative data for heathen.com domain
; belonging to David Paigen
;
heathen.com. IN SOA ns.idiom.com. support.idiom.com.
(
2000112001 ; serial
108009 ; refresh - 3 hours
3600 ; retry - 1 hour
360000 ; expire - 100 hours
86400 ) ; minimum - 1 day
IN MX 10 sweep.heathen.com.
IN MX 20 foible.heathen.com.
IN MX 50 idiom.com.
IN NS ns.idiom.com.
IN NS sweep.heathen.com.
IN A 63.170.215.42
;
localhost IN A 127.1
foible IN A 216.240.37.98
sweep IN A 63.170.215.42
;
;
; Define CNAMES, etc.
;
ns.heathen.com. IN CNAME sweep.heathen.com.
nntp.heathen.com. IN CNAME sweep.heathen.com.
smtp.heathen.com. IN CNAME sweep.heathen.com.
mail.heathen.com. IN CNAME sweep.heathen.com.
ftp.heathen.com. IN CNAME sweep.heathen.com.
www.heathen.com. IN CNAME sweep.heathen.com.
--
David Paigen Software Manager, Eloquent
pai...@heathen.com