setting up dns on solaris

Kevin Darcy kcd at daimlerchrysler.com
Mon Nov 6 22:02:31 UTC 2006


pawright23 wrote:
> Thanks for this Kevin
>
> In response:
>
>   
>> 1. You have "forward first" mode set but no forwarders defined (?) Not
>> sure what the point of that is.
>>     
>
> Whoops! Fixed that now!
>
>   
>> 2. You're loading your reverse zone as 3.5.10.in-addr.arpa but the A
>> records in your forward zone are all the 10.10.10.* range
>>     
>
> Fixed
>
>   
>> 3. Your PTR records all refer to names in the test.mydomain.com
>> subdomain, but you have no A records in that subdomain
>>     
>
> Any chance you could help me out as to where A records go? Sorry for
> the beginner question.
>   
That's really a matter of personal preference or local convention, 
analogous to how you lay out your directory structure on a disk. Do you 
*want* all of the nodes to be under the test.mydomain.com subdirectory? 
That's fine. It's also fine if you want to put all of those records 
directly under mydomain.com. Either way works. I was only pointing out 
that your forward (A) records were out of sync with your reverse (PTR) 
records. That's almost always *not* what you want.
>   
>> 4. The one and only NS for mydomain.com refers to a host called
>> "test.mydomain.com", but there is no A record associated with that name
>>     
>
> As above
>   
Uh, just add an A record with that name to the relevant zone.
>   
>> 5. nslookup is only suitable for casual DNS lookups, not for serious
>> troubleshooting of DNS resolution problems. "dig" is a better choice for
>> that. If you can't get dig working in the near-term, and are stuck using
>> nslookup, at least turn on debugging so you can see what it's doing
>> behind the scenes -- it often misreports errors and you can't really
>> know what failed unless you have debugging on.
>>     
>
> Any chance you could let me know how to do this?
>   
To do what? Run dig? You just invoke it like any other command. If you 
want to invoke it without an explicit pathname, however, you'll need to 
install it from the BIND distribution to some "well known" pathname.

Or, are you looking for some help on what command-line arguments to use 
with dig?

                  - Kevin

>
>> pawright23 wrote:
>>     
>>> Hi,
>>>
>>> I wonder if anyone can help me with a setup issue I am having with a
>>> standalone DNS server. I am quite new to this so any help would be
>>> appreciated.
>>>
>>> I have installed BIND 8.4.6 on a Solaris 9 server and configured as
>>> follows:
>>>
>>> created /usr/local/etc/named.conf
>>>
>>> #// This is a configuration file for named (from BIND 8.1 or later).
>>>
>>> #// It would normally be installed as /etc/named.conf.
>>>
>>> #
>>> #
>>>
>>> options { directory "/var/named";
>>>
>>>               };
>>>
>>>     forward first;
>>>
>>>        };
>>>
>>> zone "." {
>>>
>>>     type hint;
>>>
>>>     file "named.ca";
>>>
>>> };
>>>
>>>
>>>
>>> zone "mydomain.com" {
>>>     type master;
>>>
>>>     file "private.hosts";
>>>
>>> };
>>>
>>>
>>>
>>> zone "3.5.10.in-addr.arpa." {
>>>
>>>     type master;
>>>
>>>     file "private.rev";
>>>
>>> };
>>>
>>>
>>>
>>> zone "0.0.127.in-addr.arpa." {
>>>
>>>     type master;
>>>
>>>     file "private.local";
>>>
>>>
>>> created /var/named/named.ca
>>>
>>> ;       This file holds the information on root name servers needed to
>>>
>>> ;       initialize cache of Internet domain name servers
>>>
>>> ;       (e.g. reference this file in the "cache  .  <file>"
>>>
>>> ;       configuration file of BIND domain name servers).
>>>
>>> ;
>>>
>>> ;       This file is made available by InterNIC
>>>
>>> ;       under anonymous FTP as
>>>
>>> ;           file                /domain/named.root
>>>
>>> ;           on server           FTP.INTERNIC.NET
>>>
>>> ;       -OR-                    RS.INTERNIC.NET
>>>
>>> ;
>>>
>>> ;       last update:    Jan 29, 2004
>>>
>>> ;       related version of root zone:   2004012900
>>>
>>> ;
>>>
>>> ;
>>>
>>> ; formerly NS.INTERNIC.NET
>>>
>>> ;
>>>
>>> .                        3600000  IN  NS    A.ROOT-SERVERS.NET.
>>>
>>> A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
>>>
>>> ;
>>>
>>> ; formerly NS1.ISI.EDU
>>>
>>> ;
>>>
>>> .                        3600000      NS    B.ROOT-SERVERS.NET.
>>>
>>> B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
>>>
>>> ;
>>>
>>> ; formerly C.PSI.NET
>>>
>>> ;
>>>
>>> .                        3600000      NS    C.ROOT-SERVERS.NET.
>>>
>>> C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
>>>
>>> ;
>>>
>>> ; formerly TERP.UMD.EDU
>>>
>>> ;
>>>
>>> .                        3600000      NS    D.ROOT-SERVERS.NET.
>>>
>>> D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
>>>
>>> ;
>>>
>>> ; formerly NS.NASA.GOV
>>>
>>> ;
>>>
>>> .                        3600000      NS    E.ROOT-SERVERS.NET.
>>>
>>> E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
>>>
>>> ;
>>>
>>> ; formerly NS.ISC.ORG
>>>
>>> ;
>>>
>>> .                        3600000      NS    F.ROOT-SERVERS.NET.
>>>
>>> F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
>>>
>>> ;
>>>
>>> ; formerly NS.NIC.DDN.MIL
>>>
>>> ;
>>>
>>> .                        3600000      NS    G.ROOT-SERVERS.NET.
>>>
>>> G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
>>>
>>> ;
>>>
>>> ; formerly AOS.ARL.ARMY.MIL
>>>
>>> ;
>>>
>>> .                        3600000      NS    H.ROOT-SERVERS.NET.
>>>
>>> H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
>>>
>>> ;
>>>
>>> ; formerly NIC.NORDU.NET
>>>
>>> ;
>>>
>>> .                        3600000      NS    I.ROOT-SERVERS.NET.
>>>
>>> I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
>>>
>>> ;
>>>
>>> ; operated by VeriSign, Inc.
>>>
>>> ;
>>>
>>> .                        3600000      NS    J.ROOT-SERVERS.NET.
>>>
>>> J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
>>>
>>> ;
>>>
>>> ; operated by RIPE NCC
>>>
>>> ;
>>>
>>> .                        3600000      NS    K.ROOT-SERVERS.NET.
>>>
>>> K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
>>>
>>> ;
>>>
>>> ; operated by ICANN
>>>
>>> ;
>>>
>>> .                        3600000      NS    L.ROOT-SERVERS.NET.
>>>
>>> L.ROOT-SERVERS.NET.      3600000      A     198.32.64.12
>>>
>>> ;
>>>
>>> ; operated by WIDE
>>>
>>> ;
>>>
>>> .                        3600000      NS    M.ROOT-SERVERS.NET.
>>>
>>> M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
>>>
>>>
>>> created /var/named/private.hosts
>>>
>>> ;
>>>
>>> ;    Hosts file for domain mydomain.com.
>>> ;
>>>
>>> ;name    ttl    class    type    data
>>>
>>> ;
>>>
>>> ;    Source of authority
>>>
>>> @        IN    SOA    test.mydomain.com. root.test.mydomain.com.  (
>>>                 2000050201    ; Serial
>>>
>>>                 10800    ; Refresh - 3 hours
>>>
>>>                 3600    ; Retry - 1 hour
>>>
>>>                 432000    ; Expire - 1 week
>>>
>>>                 86400)    ; Minimum - 1 day
>>>
>>>          IN    NS    test.mydomain.com.
>>> ;
>>>
>>> ;    Machines for the test.mydomain.com domain
>>> ;
>>>
>>> ;name    ttl    class    type    data
>>>
>>> localhost       IN       A       127.0.0.1
>>>
>>> host1         IN       A       10.10.10.11
>>>
>>> host2         IN       A       10.10.10.12
>>>
>>> created /var/named/private.rev
>>>
>>> ;
>>>
>>> ;    Reverse address file for mydomain.com
>>> ;
>>>
>>> ;name    ttl    class    type    data
>>>
>>> ;
>>>
>>> ;    Source of authority
>>>
>>> @        IN    SOA    test.mydomain.com. root.test.mydomain.com.  (
>>>                 2000050201    ; Serial
>>>
>>>                 10800    ; Refresh - 3 hours
>>>
>>>                 3600    ; Retry - 1 hour
>>>
>>>                 432000    ; Expire - 1 week
>>>
>>>                 86400)    ; Minimum - 1 day
>>>
>>>         IN    NS    test.mydomain.com.
>>> ;
>>>
>>> ;    Machines names
>>>
>>> ;
>>>
>>> ;name    ttl    class    type    data
>>>
>>> 11        IN    PTR    host1.test.mydomain.com.
>>> 12        IN    PTR    host2.test.mydomain.com.
>>>
>>> created /var/named/private.local
>>>
>>> ;
>>>
>>> ;    Reverse address file for localhost
>>>
>>> ;
>>>
>>> ;name    ttl    class    type    data
>>>
>>> ;
>>>
>>> ;    Source of authority
>>>
>>> @        IN    SOA    test.mydomain.com. root.test.mydomain.com.  (
>>>                 2000050201    ; Serial
>>>
>>>                 10800    ; Refresh - 3 hours
>>>
>>>                 3600    ; Retry - 1 hour
>>>
>>>                 432000    ; Expire - 1 week
>>>
>>>                 86400)    ; Minimum - 1 day
>>>
>>>         IN    NS    test.mydomain.com.
>>> ;
>>>
>>> ;    Machines names
>>>
>>> ;
>>>
>>> ;name    ttl    class    type    data
>>>
>>> 1        IN    PTR    localhost.
>>>
>>>
>>> then started the named daemon with:
>>>
>>> # /usr/local/etc/named.conf
>>>
>>> and nslookups don't work!
>>>
>>> Can anyone offer any insight? (I'm not really understanding how these
>>> SOA entries work - could they be messed up as I've just stuck some
>>> arbitrary values in there based on a template I saw?) Do all your host
>>> resolutions go in the private.hosts and private.rev files?
>>>
>>> Many thanks
>>>
>>> Pete
>>>
>   
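
The forward/reverse mismatches listed in points 2 to 4 of the reply can be checked mechanically before named is started. The following is an added example, not part of the original thread or of BIND: a small Python checker run over constructed sample records modelled on the quoted private.hosts and private.rev files. The function names and the one-record-per-line parsing (owner, class, type, data) are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample data, modelled on the zone files quoted in the thread.
FORWARD_ORIGIN = "mydomain.com."
FORWARD = """
@      IN NS  test.mydomain.com.
host1  IN A   10.10.10.11
host2  IN A   10.10.10.12
"""
REVERSE_ORIGIN = "3.5.10.in-addr.arpa."
REVERSE = """
@   IN NS   test.mydomain.com.
11  IN PTR  host1.test.mydomain.com.
12  IN PTR  host2.test.mydomain.com.
"""

def fqdn(name, origin):
    """Qualify a zone-file name against the zone origin."""
    if name == "@":
        return origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse(text, origin):
    """Parse 'owner IN type rdata' lines only (a simplification of zone syntax)."""
    records = []
    for line in text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) == 4:
            owner, _cls, rtype, rdata = fields
            if rtype in ("NS", "PTR"):
                rdata = fqdn(rdata, origin)
            records.append((fqdn(owner, origin), rtype, rdata))
    return records

def check(forward, f_origin, reverse, r_origin):
    """Return a list of forward/reverse inconsistencies."""
    fwd, rev = parse(forward, f_origin), parse(reverse, r_origin)
    a = {owner: rdata for owner, t, rdata in fwd if t == "A"}
    ptr = {owner: rdata for owner, t, rdata in rev if t == "PTR"}
    problems = []
    for target in sorted({r for _, t, r in fwd + rev if t == "NS"}):
        if target.endswith("." + f_origin) and target not in a:
            problems.append(f"NS target {target} has no A record")
    for name, addr in sorted(a.items()):
        rname = ipaddress.ip_address(addr).reverse_pointer + "."
        if not rname.endswith("." + r_origin):
            problems.append(f"{name} ({addr}) is outside reverse zone {r_origin}")
        elif ptr.get(rname) != name:
            problems.append(f"{name} ({addr}) has no PTR pointing back to it")
    for rname, target in sorted(ptr.items()):
        if target not in a:
            problems.append(f"PTR {rname} -> {target} has no A record")
    return problems
```

Calling check(FORWARD, FORWARD_ORIGIN, REVERSE, REVERSE_ORIGIN) on the sample data reports the missing A record for the NS host, the two A records that fall outside the loaded reverse zone, and the two PTR targets with no A record.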


