Newbie Zone File Question
Mark_Andrews at isc.org
Tue Dec 23 23:29:57 UTC 2003
>
>
>
> On Tue, 23 Dec 2003, Barry Margolin wrote:
>
> > In article <bsa5gj$ok8$1 at sf1.isc.org>, tnaves at linkwest.net wrote:
> >
> > > I finally got my first dns server working. YeeHaa!
> > >
> > > I am using BIND 8 and have the following files:
> >
> > If you're doing this for the first time, why aren't you using the
> > current version of BIND?
>
> I just tried it on the version that was on my Sun box. It is just to
> learn how to do it.
>
> >
> > > named.conf (with a forwarder defined, a nameserver at my isp)
> >
> > Why? Is there something preventing your server from querying other
> > remote nameservers?
>
> I thought this was the usual way of doing things i.e., resolve names on
> the local network using private address space ip addrs and forwarding the
> public lookups to a public nameserver. Also, the ISP nameservers are the
> public nameservers for our public addresses.

No. The usual way is to do your own iterative search.

> > > named.ca (My cache file with only my name server as root server)
> >
> > Unless you've configured your server as a root server, it shouldn't be
> > in there. You should have the list of real root servers.
>
> It was my intent to make my server the root server for my private network
> and to forward to the nameserver at the ISP for public addrs. This brings
> up another question. When I do an nslookup on my private name server it
> responds with a non-authoritative answer. Here is the config of my
> named.ca file:
>
> ; named.ca
> ;
> . 3600000 IN NS NS1.MYDOMAIN.COM.
> NS1.MYDOMAIN.COM. 3600000 A 192.168.1.6
>
> Wouldn't that make it the root nameserver and thus authoritative?

No. To be a root server you need to *serve* ".".

    zone "." {
        type master; // or slave
        file "root.db";
        // masters { ... }; // for a slave
    };

If you do this you then need to delegate each of the subzones of ".".
You want to be authoritative for *your* part of the namespace. You
don't want to be authoritative for ALL of the namespace.

> > > my_domain.zone (I have four hosts in this file counting the name server
> > > and localhost)
> > >
> > > my_domain_rev.zone (I have three hosts in this file counting the name
> > > server)
> > >
> > > local.rev (I have one host in this file, 1.0.0.127.in-addr.arpa.)
> > >
> > > It works fine.
> > >
> > > I have a couple of questions with respect to expanding my nameserver.
> > >
> > > Currently I am providing name resolution for one subnet only, 192.168.1.0
> > >
> > > I have two others: 192.168.2.0 and 192.168.3.0
> > >
> > > My question is:
> > >
> > > Can I just add hosts on these other subnets to my zone file
> > > (my_domain.zone above) or do I need a zone for each subnet?
> >
> > You need a zone for each domain. If they're in the same domain, then
> > they should normally be in the same forward zone file.
>
> Thanks.
>
> >
> > > How about the in-addr.arpa file for my zone (my_domain.zone above)?
> >
> > You could have separate zones for each reverse domain, or you could
> > have a single reverse zone for 168.192.in-addr.arpa.
>
> Thanks again.
>
> >
> > --
> > Barry Margolin, barmar at alum.mit.edu
> > Arlington, MA
> >
> >
> >
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
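
The two reverse-zone layouts discussed in the thread (one zone per subnet, or a single 168.192.in-addr.arpa zone), as an added example that is not part of the original message. It shows how the PTR owner names written in the zone file change with the zone cut; the host names host2/host3 and every address except 192.168.1.6 are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: only ns1 / 192.168.1.6 appears in the thread.
HOSTS = {
    "ns1.mydomain.com.": "192.168.1.6",
    "host2.mydomain.com.": "192.168.2.10",
    "host3.mydomain.com.": "192.168.3.20",
}

def reverse_zone(addr, octets):
    """Return the in-addr.arpa zone that covers addr at a 2- or 3-octet cut."""
    labels = str(ipaddress.IPv4Address(addr)).split(".")
    return ".".join(reversed(labels[:octets])) + ".in-addr.arpa."

def ptr_layout(hosts, octets):
    """Group PTR records by reverse zone.

    octets=2: a single zone, 168.192.in-addr.arpa., for all three subnets.
    octets=3: one zone per /24 subnet.
    Returns {zone_origin: [(relative_owner, target), ...]}.
    """
    if octets not in (2, 3):
        raise ValueError("octets must be 2 or 3")
    zones = defaultdict(list)
    by_addr = sorted(hosts.items(), key=lambda kv: ipaddress.IPv4Address(kv[1]))
    for name, addr in by_addr:
        full = ipaddress.IPv4Address(addr).reverse_pointer + "."
        origin = reverse_zone(addr, octets)
        # Owner name relative to the zone origin, as it is written in the file.
        relative = full[: -len(origin) - 1]
        zones[origin].append((relative, name))
    return dict(zones)

def render(zones):
    """Render only the PTR part of each zone (SOA and NS records omitted)."""
    lines = []
    for origin, records in zones.items():
        lines.append(f"$ORIGIN {origin}")
        lines.extend(f"{owner}\tIN PTR\t{target}" for owner, target in records)
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(ptr_layout(HOSTS, 2)))   # single 168.192.in-addr.arpa zone
    print()
    print(render(ptr_layout(HOSTS, 3)))   # one zone per subnet
```

With the single zone the owner names carry two labels (`6.1`, `10.2`, `20.3`); with per-subnet zones each file holds one-label owners and named.conf needs one zone statement per subnet.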