bind9 named.conf, named.boot, rndc.conf samples
Ian Downard
itd at ece.umr.edu
Wed Mar 28 22:24:53 UTC 2001
I'm trying to set up bind-9.1, caching only, on a LAN with only two
computers. Their hostnames and ip addrs are:
10.1.1.3 - spike.bebop.edu <-- master server
10.1.1.2 - ed.bebop.edu
(both machines are running Red Hat linux 6.0, kernel 2.2.17)
This was working fine with bind-8.2, but because my server was compromised
via bind-8.2 vulnerabilies, I'm upgrading.
So far I've been unsuccessful configuring rndc so I can reload
configurations and zones. Here is my precise error:
[root at spike bin]# named -p 53
[root at spike bin]# rndc -p 53 -s 10.1.1.3 reload
rndc: connect: unexpected error
Can someone mail me a sample named.conf, named.boot, and rndc.conf that
they know works with bind9 and think might be useful to me?
Thanks a lot for any help.
-Ian
I've included my versions of those files below, but I expect they aren't
configured properly.
------------------------------named.boot------------------------------
;
; a caching only nameserver config
;
directory /var/named
cache . named.ca
primary 0.0.127.in-addr.arpa named.local
------------------------------named.conf------------------------------
// generated by named-bootconf.pl and modified by Ian Downard
key iankey {
algorithm hmac-md5;
secret "qoDCVaqZbcrPRcnrB0gHTA==";
};
options {
directory "/var/named";
};
controls {
inet 127.0.0.1 allow { localhost; } keys { iankey; };
};
zone "." {
type hint;
file "root.hints";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "/var/named/zone/127.0.0";
};
zone "bebop.edu" {
type master;
notify no;
file "/var/named/zone/bebop.edu";
};
// reverse zones
zone "1.1.10.in-addr.arpa" {
type master;
notify no;
file "/var/named/zone/10.1.1";
};
------------------------------rndc.conf-------------------------------
// generated by Ian Downard based off of the rndc.conf.5 man page
options {
default-server localhost;
default-key iankey;
};
server localhost {
key iankey;
};
key iankey {
algorithm hmac-md5;
secret "qoDCVaqZbcrPRcnrB0gHTA==";
};
More information about the bind-users
mailing list