First time DNS setup
Erik Freitag
erik.freitag at alamedanet.net
Fri Feb 11 22:57:04 UTC 2005
> Hello,
>
> I'm trying to set up my DNS server and before I go ahead I wanna ask
> you to tell me if my config is right.
>
> Thank you.
>
> This is my setup:
>
> FreeBSD 5.3 with Bind 9.3
> My Static IP: 123.456.789.999 (example only, obviously)
> My domain name: really-cool-domain.com
>
> my named.conf:
>
>
> options {
> directory "/etc/namedb";
> pid-file "/var/run/named/pid";
> dump-file "/var/dump/named_dump.db";
> statistics-file "/var/stats/named.stats";
> version "None of your business";
>
> listen-on { 127.0.0.1; 123.456.789.999 };
>
> // is this ok ?
>
> forwarders {
> My_ISPs_DNS1;
> My_ISPs_DNS2;
> };
>
> query-source address * port 53;
> };
>
> zone "." {
> type hint;
> file "named.root";
> };
>
> // whats going on here below
> // whats going on here below
>
> zone "0.0.127.IN-ADDR.ARPA" {
> type master;
> file "master/localhost.rev";
> };
>
> // IPv6 stuff omited !
>
> zone "really-cool-domain.com" {
> type master;
> file "master/really-cool-domain.com";
> };
Looks OK to me, except I think you forgot a semicolon after the fake IP
address in the listen-on clause of the options stanza. I'll bet the
semicolon is there in your real configuration, or BIND would have
complained bitterly about it.
I'm not sure why you want to use your ISPs DN servers as forwarders,
but I guess that's OK. I assume you'll use their actual address in your
configuration.
Why does almost everyone who submits to this list use fake domain names
and IP addresses? Do they all have undefended networks, or is there
some history of more focused attacks on sites that use their real
information? I also don't see a good reason to hide your version
information, but a lot of people seem to do it.
More information about the bind-users
mailing list