Did I get it right?
Kevin Darcy
kcd at daimlerchrysler.com
Wed Jul 31 03:02:19 UTC 2002
Kevin Darcy wrote:
> "Chris W." wrote:
>
> > Hello everyone,
> >
> > I wish to have a caching-only nameserver to serve my small LAN. I have
> > read pages upon pages of information on BIND and DNS but I'm not sure if
> > I have it right just yet. I am hoping to setup a DNS server and supply
> > name services to the two Windows systems I have on my network. I have
> > tried plugging in the IP address of the DNS server into my Windows
> > systems but nslookup on those systems returns a "Can't find server name
> > for address 192.168.1.100: Timed out" message. From what I've read, this
> > appears to be a reverse DNS issue but I just don't see where the problem
> > lies. Can someone please point me in the right direction?
> >
> > I am using BIND 9.2.1 on a PC running Solaris 8.
> >
> > Thanks in advance,
> >
> > Chris
> >
> > ===== hosts =====
> > 127.0.0.1 localhost
> > 192.168.1.100 cwunix.cwsys cwunix loghost
> > 192.168.1.101 compsys01.cwsys compsys01
> > 192.168.1.102 compsys02.cwsys compsys02
> >
> > ===== named.conf =====
> >
> > # /usr/local/etc/named.conf
> >
> > key "rndc-key" {
> > algorithm hmac-md5;
> > secret "5ziCq0tjii+OkjfUrjQ1Cg==";
> > };
> >
> > controls {
> > inet 127.0.0.1 port 953
> > allow { 127.0.0.1; } keys { "rndc-key"; };
> > };
> >
> > acl "allowDNS" { 192.168.1.0/24; localhost; };
> > acl "bogusnets" { 0.0.0.0/8; 1.0.0.0/8; 2.0.0.0/8; 192.0.2.0/24;
> > 224.0.0.0/3; 10.0.0.0/8; 172.16.0.0/12;
> > 192.168.0.0/16; };
> >
> > options {
> > directory "/var/named"; # Working directory
> > listen-on {
> > 192.168/16;
> > 127.0.0.1;
> > };
> > pid-file "named.pid"; # Pid file in working dir
> > allow-query { "allowDNS"; }; # Block access via ACL
> > blackhole { "bogusnets"; }; # Block spoofing
> > forwarders {
> > 63.240.76.4;
> > 204.127.198.4;
> > };
> > };
> >
> > zone "." {
> > type hint;
> > file "named.ca";
> > };
> >
> > zone "0.0.127.in-addr.arpa" {
> > type master;
> > file "named.local";
> > notify no;
> > };
> >
> > zone "cwsys" {
> > type master;
> > file "db.cwsys";
> > notify no;
> > allow-update { none; };
> > };
> >
> > zone "1.168.192.in-addr.arpa" IN {
> > type master;
> > file "db.192.168.1";
> > notify no;
> > allow-update { none; };
> > };
> >
> > ===== resolv.conf =====
> >
> > search cwsys
> > domain cwsys
> > nameserver 127.0.0.1
> > nameserver 63.240.76.4
> > nameserver 204.127.198.4
> >
> > ===== named.local =====
> >
> > ; /var/named/named.local
> > ;
> > $TTL 86400
> > @ IN SOA localhost. root.localhost. (
> > 1997022700 ; Serial
> > 28800 ; Refresh
> > 14400 ; Retry
> > 3600000 ; Expire
> > 86400 ) ; Minimum
> > IN NS localhost.
> >
> > 1 IN PTR localhost.
> >
> > ===== db.cwsys =====
> >
> > ; /var/named/db.cwsys
> > ;
> > $TTL 86400
> > @ IN SOA cwsys. root.cwsys. (
> > 2002022700 ; Serial
> > 28800 ; Refresh
> > 14400 ; Retry
> > 3600000 ; Expire
> > 86400 ) ; Minimum
> > IN NS cwunix.cwsys.
> >
> > cwsys. IN A 192.168.1.100
> >
> > ===== db.192.168.1 =====
> >
> > ; /var/named/db.192.168.1
> > ;
> > $TTL 86400
> >
> > 1.168.192.in-addr.arpa. IN SOA cwsys. root.cwsys. (
> > 2002022700 ; Serial
> > 28800 ; Refresh
> > 14400 ; Retry
> > 3600000 ; Expire
> > 86400 ) ; Minimum
> > 1.168.192.in-addr.arpa. IN NS cwsys.
> >
> > 100 PTR cwunix.cwsys.
> >
> > ============ DIG RESULTS ============
> >
> > ; <<>> DiG 9.2.1 <<>> -x 192.168.1.100
> >
> > ;; global options: printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36283
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
> >
> > ;; QUESTION SECTION:
> > ;100.1.168.192.in-addr.arpa. IN PTR
> >
> > ;; ANSWER SECTION:
> > 100.1.168.192.in-addr.arpa. 86400 IN PTR cwunix.cwsys.
> >
> > ;; AUTHORITY SECTION:
> > 1.168.192.in-addr.arpa. 86400 IN NS cwsys.
> >
> > ;; ADDITIONAL SECTION:
> > cwsys. 86400 IN A 192.168.1.100
> >
> > ;; Query time: 4 msec
> > ;; SERVER: 127.0.0.1#53(127.0.0.1)
> > ;; WHEN: Tue Jul 30 18:08:55 2002
> > ;; MSG SIZE rcvd: 100
> >
> > ============ DIG RESULTS ============
> >
> > ; <<>> DiG 9.2.1 <<>> cwsys
> >
> > ;; global options: printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49218
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;cwsys. IN A
> >
> > ;; ANSWER SECTION:
> > cwsys. 86400 IN A 192.168.1.100
> >
> > ;; AUTHORITY SECTION:
> > cwsys. 86400 IN NS cwunix.cwsys.
> >
> > ;; Query time: 4 msec
> > ;; SERVER: 127.0.0.1#53(127.0.0.1)
> > ;; WHEN: Tue Jul 30 18:09:24 2002
> > ;; MSG SIZE rcvd: 60
> >
> > ============ DIG RESULTS ============
> >
> > ; <<>> DiG 9.2.1 <<>> hotsheet.com
> >
> > ;; global options: printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40022
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> >
> > ;; QUESTION SECTION:
> > ;hotsheet.com. IN A
> >
> > ;; ANSWER SECTION:
> > hotsheet.com. 153 IN A 209.41.100.68
> >
> > ;; AUTHORITY SECTION:
> > hotsheet.com. 153 IN NS ns1.neospire.net.
> > hotsheet.com. 153 IN NS ns2.neospire.net.
> >
> > ;; ADDITIONAL SECTION:
> > ns1.neospire.net. 153 IN A 209.41.115.6
> > ns2.neospire.net. 153 IN A 209.41.115.7
> >
> > ;; Query time: 4 msec
> > ;; SERVER: 127.0.0.1#53(127.0.0.1)
> > ;; WHEN: Tue Jul 30 18:10:48 2002
> > ;; MSG SIZE rcvd: 126
>
> You're blackholing all of 192.168/16.
Oh, and your listen-on is pretty horked. It accepts only IP addresses, not
ranges.
- Kevin
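An added example, not part of the original thread: BIND's `blackhole` option makes the server ignore queries from the listed addresses, so any overlap between it and `allow-query` silently drops legitimate clients. The Python check below runs over a constructed excerpt of the quoted named.conf; the function names and the minimal regex parsing are assumptions of this example, not BIND tooling.

```python
import ipaddress
import re

# Constructed sample: the ACL-related statements from the named.conf quoted above.
NAMED_CONF = '''
acl "allowDNS" { 192.168.1.0/24; localhost; };
acl "bogusnets" { 0.0.0.0/8; 1.0.0.0/8; 2.0.0.0/8; 192.0.2.0/24;
                  224.0.0.0/3; 10.0.0.0/8; 172.16.0.0/12;
                  192.168.0.0/16; };
options {
    allow-query { "allowDNS"; };
    blackhole { "bogusnets"; };
};
'''

# Built-in ACL names handled here; "localnets" depends on host interfaces and is skipped.
BUILTIN = {"localhost": ["127.0.0.1/32"], "none": []}

def elements(body):
    """Split the inside of a { ...; ...; } list into bare elements."""
    return [e.strip().strip('"') for e in body.split(";") if e.strip()]

def parse_acls(conf):
    """Map each named acl to its list of elements."""
    return {name: elements(body)
            for name, body in re.findall(r'acl\s+"([^"]+)"\s*\{([^}]*)\}', conf)}

def resolve(items, acls):
    """Expand ACL names recursively into ip_network objects."""
    nets = []
    for item in items:
        if item in acls:
            nets += resolve(acls[item], acls)
        elif item in BUILTIN:
            nets += [ipaddress.ip_network(n) for n in BUILTIN[item]]
        else:
            nets.append(ipaddress.ip_network(item, strict=False))
    return nets

def statement(conf, name):
    """Return the elements of an options statement such as blackhole { ... }."""
    m = re.search(r'\b' + re.escape(name) + r'\s*\{([^}]*)\}', conf)
    return elements(m.group(1)) if m else []

def blackholed_clients(conf):
    """List (allowed, blackholed) network pairs that overlap."""
    acls = parse_acls(conf)
    allowed = resolve(statement(conf, "allow-query"), acls)
    dropped = resolve(statement(conf, "blackhole"), acls)
    return [(str(a), str(d)) for a in allowed for d in dropped if a.overlaps(d)]
```

An empty result means no permitted client range is also being dropped; with the configuration quoted above, the LAN's /24 is reported against the /16 in "bogusnets".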