Configuring DNS in Fedora core 6

Adam Tkac atkac at redhat.com
Mon Jun 11 14:30:29 UTC 2007


Damas Ally wrote:
> Greetings Adam, Evan and others,
> thanks for your ideas... sorry for the delay, I was in the field for some
> days... now I am back.
> Please find the sample of my last conf in both master DNS and slave DNS:
>
>
> master DNS (Fedora Core 1, bind 9.2.2, kernel 2.4.22-1.2199.nptlsmp)... the
> named.conf file is placed at /var/named/chroot/etc/named.conf, some of the
> details are:
>
> // generated by named-bootconf.pl
>
> options {
>         directory "/var/named";
>         /*
>          * If there is a firewall between you and nameservers you want
>          * to talk to, you might need to uncomment the query-source
>          * directive below.  Previous versions of BIND always asked
>          * questions using port 53, but BIND 8.1 uses an unprivileged
>          * port by default.
>          */
>         query-source address * port 53;
>         notify yes;
> };
>
> //
> // a caching only nameserver config
> //
> controls {
>         inet 127.0.0.1 allow { localhost; } keys { rndckey; };
> };
> zone "." IN {
>         type hint;
>         file "named.ca";
> };
>
> zone "sample.com" IN {
>         type master;
>         file "sample.com.zone";
>         allow-update { none; };
>         allow-transfer { ip of slave; };
> .......
> .......
> ......
>
> zone "x.x.x.in-addr.arpa" IN {
>         type master;
>         file "sample.com.rr.zone";
>         allow-update { none; };
>         allow-transfer { ip of slave; };
> };
>
> include "/etc/rndc.key";
>
> Then,
> Slave dns (fedora core 3, bind 9.2.5, kernel 2.6.12-1.1381_FC3smp)
> named.conf file is at /var/named/chroot/etc/named.conf ....some of its
> details:-
>
> //
> // named.conf for Red Hat caching-nameserver
> //
>
> options {
>         directory "/var/named";
>         dump-file "/var/named/data/cache_dump.db";
>         statistics-file "/var/named/data/named_stats.txt";
>         /*
>          * If there is a firewall between you and nameservers you want
>          * to talk to, you might need to uncomment the query-source
>          * directive below.  Previous versions of BIND always asked
>          * questions using port 53, but BIND 8.1 uses an unprivileged
>          * port by default.
>          */
>         query-source address * port 53;
> };
>   
First, about using FC-1 and FC-3 bind. Those Fedoras aren't supported 
now, so they don't contain security fixes etc. It's strongly recommended 
to use Fedora 6 at least (or bind from there) if you want to have fixes for 
all known CVEs.
> //
> // a caching only nameserver config
> //
> controls {
>         inet 127.0.0.1 allow { localhost; } keys { rndckey; };
> };
> zone "." IN {
>         type hint;
>         file "named.ca";
> };
>
> zone "sample.com" IN {
>         type slave;
>         masters { ip of master; };
>         file "sample.com.zone";
>         allow-update { none; };
> };
> .........
> ..........
> zone "x.x.x.in-addr.arpa" IN {
>         type slave;
>         masters { ip of master; };
>         file "sample.com.rr.zone";
>         allow-update { none; };
> };
>
>
> With those settings my DNS servers are communicating with each other, whereby
> the master transfers zone files to the slave with no problem.
> Now I installed my slave DNS with Fedora Core 6, which is where I am getting
> confused by the named.conf files, as there are about two:
> the command find / -name named.conf gives the following result:
> /etc/dbus-1/system.d/named.conf
> /usr/share/logwatch/default.conf/services/named.conf
>   
Those upper 2 files aren't named config files. They are for named + D-BUS and 
logwatch + named cooperation.
> /usr/share/doc/bind-9.3.4/sample/etc/named.conf
> /usr/share/system-config-bind/profiles/default/named.conf
>
> Of the file /usr/share/doc/bind-9.3.4/sample/etc/named.conf and the file
> /usr/share/system-config-bind/profiles/default/named.conf, one of them is
> the file to deal with configuration... can someone help me with which one is
> the correct file, with regard to the above intro on how my DNS used to
> work?
> regards!
>   
You can use whichever you want :) 
/usr/share/system-config-bind/profiles/default/named.conf is used by 
system-config-bind (a GUI utility for creating named's configuration) to 
generate the default /etc/named.conf. 
/usr/share/doc/bind-9.3.4/sample/etc/named.conf is a more advanced sample 
of /etc/named.conf. Use info from those files and create your own 
/etc/named.conf.

Adam
> =========
> Damas A.M
> National ISP Manager
> Mob: +255 784 582786 / 464678
> Page: www.juasun.net
> =========
>   
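
Added example, not part of the original thread and not code from BIND or Fedora: when a new /etc/named.conf is assembled from the sample files, a small script can confirm that every master zone still carries its own allow-transfer list and every slave zone names its masters, as in the configs quoted above. The function names and the sample text (with 192.0.2.x documentation addresses) are constructed for illustration; only zone-level statements are checked, not anything inherited from options.

```python
import re

# Constructed sample modelled on the quoted configs; the addresses are
# documentation placeholders (192.0.2.0/24), not values from the thread.
SAMPLE = '''
options { directory "/var/named"; notify yes; };
zone "." IN { type hint; file "named.ca"; };
zone "sample.com" IN {
    type master;
    file "sample.com.zone";
    allow-update { none; };
    allow-transfer { 192.0.2.2; };
};
zone "open.example" IN { type master; file "open.example.zone"; };
zone "2.0.192.in-addr.arpa" IN { type slave; file "sample.com.rr.zone"; };
'''

def strip_comments(text):
    """Remove /* */, // and # comments, the styles named.conf accepts."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def zone_blocks(text):
    """Yield (name, body) per zone statement, matching braces by depth."""
    text = strip_comments(text)
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        if depth:  # ran off the end of the file: a closing brace is missing
            raise ValueError('unbalanced braces in zone "%s"' % m.group(1))
        yield m.group(1), text[m.end():i - 1]

def audit(text):
    """Return (zone, finding) pairs; zone-level statements only."""
    findings = []
    for name, body in zone_blocks(text):
        ztype = re.search(r'\btype\s+(\w+)\s*;', body)
        ztype = ztype.group(1) if ztype else 'unknown'
        if ztype == 'master' and not re.search(r'\ballow-transfer\s*\{', body):
            findings.append((name, 'master zone has no zone-level allow-transfer'))
        if ztype == 'slave' and not re.search(r'\bmasters\s*\{', body):
            findings.append((name, 'slave zone has no masters list'))
    return findings

if __name__ == '__main__':
    print(audit(SAMPLE))
```

This is a text-level check only; named-checkconf, which ships with BIND, remains the authoritative syntax check for the finished file.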


