DNS Servers Setup
Brad Knowles
brad at stop.mail-abuse.org
Tue May 3 18:55:15 UTC 2005
At 8:10 AM -0700 2005-05-03, No_Spam wrote:
> Thanks for the detailed information. Few things: -
> - The existing DNS server has 2 NICs installed already, but I'm only
> using one. Can I utiliize the 2nd NIC for DNS service? How?
Unless you specify particular addresses to use or not use, BIND
will automatically make use of any IP addresses on any NICs that are
installed on the machine.
> - The existing DNS server is setup woth forward and reverse zones. In
> the forward zone, it has a list of all IP addresses and machine names
> on the network (including the public & private addresses and WWW and MX
> records). Is this the correct steup?
You probably don't want to be exposing all that private information.
> How do I do views?
You set up multiple copies of the zone in question, and use ACLs
based on the IP address of the query to determine which version of
the zone you would use for the basis for the answers you provide to
that question. Internal queries would get their answers from one
version, external queries would get their answers from a different
version.
See <http://sysadmin.oreilly.com/news/views_0501.html>,
<http://www.oreillynet.com/pub/a/network/excerpt/dnsbindcook_ch07/>,
<http://www.cymru.com/Documents/secure-bind-template.html>, among
others.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the bind-users
mailing list