Date: Mon, 15 Jan 2007 09:30:22 -0800 From: "Nate Peck" <nate3000@gmail.com> To: "Derek Ragona" <derek@computinginnovations.com> Cc: Reko Turja <reko.turja@liukuma.net>, freebsd-questions@freebsd.org Subject: Re: BIND9 Syntax? Message-ID: <7ddd53320701150930x4e33fde8q576cb563232ca74a@mail.gmail.com> In-Reply-To: <6.0.0.22.2.20070114165429.025c5068@mail.computinginnovations.com> References: <7ddd53320701140839t65f5b005r3b5bbe105c71700e@mail.gmail.com> <02fc01c73803$0644d4a0$0a0aa8c0@rivendell> <6.0.0.22.2.20070114165429.025c5068@mail.computinginnovations.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks Derek and Reko!
BIND works, and is resolving.
Nate Peck
On 1/14/07, Derek Ragona <derek@computinginnovations.com> wrote:
>
> Once you get the syntax corrected, make sure you are picking up the correct
> named.conf file by doing:
> ps -ax| grep name
>
> If you don't have /etc/rc.conf setup correctly, you may not be getting the
> correct named.conf.
>
> -Derek
>
>
>
> At 11:40 AM 1/14/2007, Reko Turja wrote:
>
> ----- Original Message ----- From: "Nate Peck" <nate3000@gmail.com>
> To: <freebsd-questions@freebsd.org>
> Sent: Sunday, January 14, 2007 6:39 PM
> Subject: BIND9 Syntax?
>
>
>
> Dear All,
>
> I've been having trouble with BIND(version 9.3.2-P1), and I'm not sure
> where the problem is. When I try to use nslookup, it spits out:
>
>
> server 127.0.0.1Default server: 127.0.0.1
> Address: 127.0.0.1#53
>
> blue.home.lanServer: 127.0.0.1
> Address: 127.0.0.1#53
>
> ** server can't find blue.home.lan: SERVFAIL
>
>
> I have my server(blue.home.lan), set up on a LAN.
>
> These are my config files:
>
> db.home.lan:
> $TTL 3h
> home.lan. IN SOA blue.home.lan. (
> 1 ; Serial
> 3h ; Refresh after 3 hours
> 1h ; Retry after 1 hour
> 1w ; Expire after 1 week
> 1h ) ; Negative caching TTL of 1 hour
>
> And you can define the SOA to be home.lan.
> Missing the email address of responsible administrator - should be like:
>
> home.lan. IN SOA home.lan. email.blue.home.lan
> ^^^^^^^^^^^^^^^^^^^
>
> Notice that first dot only in email-address is substituted by @
>
> Usually a good idea is naming the serial like 2007011401 - year, month, day
> and serial is easier that way in the long run :)
>
>
> named.conf:
> options {
> If this was public I would consider adding either a recursion no; or
> allow-recursion {}; clauses in options in order to avoid some attack
> techniques utilizing nameservers.
>
>
> zone "." IN {
> type hint;
> file "named.ca";
> };
> You have moved the named.root into named.ca?
>
> No need for IN in these either.
>
>
>
> zone "localhost" IN {
> type master;
> file "pri/localhost.zone";
> allow-update { none; };
> notify no;
> };
> Again if public, I would add allow-transfer rules to allow the full dump of
> domains in questions only at appropriate peering servers. Maybe allow-query
> { any; }; for every domain as well.
>
> I might have missed some bugs at cursory glance, but these should help to
> get you started.
>
> -Reko
>
> (By the way Greg Leheys nowadays publicly available book about FreeBSD has
> pretty good walkthrough about basic nameserver configuration)
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> MailScanner thanks transtec Computers for their support.
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> MailScanner thanks transtec Computers for their support.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7ddd53320701150930x4e33fde8q576cb563232ca74a>