DNS's example of configuration with view and zones

Darcy Kevin (FCA) kevin.darcy at fcagroup.com
Thu Aug 20 15:54:41 UTC 2015


Please be clear: is your confusion/concern over the *reverse*zones* that are associated with the subnets of these 3 network interfaces?

Because, if you're only dealing with *forward* zones, then the fact that you have 3 interfaces, on 3 different subnets, really doesn't matter (since named will, by default, listen on all interfaces, and for outbound queries, it's left to the Operating System to decide, based on its routing configuration, what interface to use to send any given packet). From a forward-zone perspective, whether you have 3 interfaces, or 30, you should be able to use the same named.conf (although one may wish to tune the interface-interval, depending on how dynamically those interfaces are being added/deleted).

If it's *reverse*zones* that you're struggling with, please understand that the reverse zones hosted by a given nameserver may not have anything to do with the interfaces that are configured on the box. There is no requirement that a given nameserver host *any* reverse DNS for any subnet on which it is resident, or, for that matter, any reverse DNS at all. It is a best practice for *someone* to host the reverse DNS for any given subnet, but it could be a completely different nameserver, perhaps run by a completely different organization, and may not be *in* the subnet for which it is hosting reverse DNS. If we're talking "private" (RFC 1918 and/or RFC 4193) addresses, then you can't expect anyone on the Internet to host that for you -- you'd need to make your own arrangements to have those parts of the reverse-DNS namespace(s) resolvable on your private network.

If you just need an example of how to define IPv4 reverse zones, then:

zone "2.0.192.in-addr.arpa" {
	type master;
	file "2.0.192.in-addr.arpa";
}; 

zone "100.51.198.in-addr.arpa" {
	type master;
	file "100.51.198.in-addr.arpa";
};

zone "113.0.203.in-addr.arpa" {
	type master;
	file "113.0.203.in-addr.arpa";
};

For each zone, define the SOA, at least 2 NSes, and populate your reverse entries as PTR records.

											- Kevin
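The last step of the message above (SOA, at least 2 NSes, PTR records) as an added example; it is not part of Kevin's message or of BIND. It derives the in-addr.arpa zone name for a subnet and renders the zone file text. The example.net names, the SOA timers and the serial are constructed placeholders.

```python
import ipaddress

def reverse_zone_name(network: str) -> str:
    """Return the in-addr.arpa zone for an octet-aligned IPv4 network."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        # Other prefix lengths need several zones or RFC 2317 delegation.
        raise ValueError(f"{network}: only /8, /16 and /24 map to one zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def render_reverse_zone(network, hosts, nameservers, hostmaster, serial):
    """Render zone-file text: SOA, NS records, then one PTR per address."""
    if len(nameservers) < 2:
        raise ValueError("list at least 2 NS records")
    net = ipaddress.ip_network(network)
    zone = reverse_zone_name(network)
    lines = [
        f"$ORIGIN {zone}.",
        "$TTL 3600",
        # Fields: mname rname serial refresh retry expire minimum
        f"@ IN SOA {nameservers[0]} {hostmaster} {serial} 7200 3600 1209600 3600",
    ]
    lines += [f"@ IN NS {ns}" for ns in nameservers]
    by_address = sorted(hosts.items(), key=lambda kv: ipaddress.ip_address(kv[0]))
    for addr, name in by_address:
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            raise ValueError(f"{addr} is not in {network}")
        # Owner name relative to $ORIGIN: the host octets, reversed.
        host_octets = str(ip).split(".")[net.prefixlen // 8:]
        lines.append(f"{'.'.join(reversed(host_octets))} IN PTR {name}")
    return "\n".join(lines) + "\n"

# Constructed sample data; every name under example.net is a placeholder.
SAMPLE = render_reverse_zone(
    "192.0.2.0/24",
    {"192.0.2.10": "www.example.net.", "192.0.2.1": "gw.example.net."},
    ["ns1.example.net.", "ns2.example.net."],
    "hostmaster.example.net.",
    2015082001,
)

if __name__ == "__main__":
    print(SAMPLE)
```

The rendered text is what goes in the file named by the matching zone statement, e.g. "2.0.192.in-addr.arpa".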

-----Original Message-----
From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Int
Sent: Thursday, August 20, 2015 12:45 AM
To: Reindl Harald
Cc: bind-users at lists.isc.org
Subject: DNS's example of configuration with view and zones
Importance: High

Would you be able to send me an example DNS configuration with views and zones, for 3 network interfaces, please, so that I can create the reverse zones for 3 different subnets?

I do not have access to internet in Cuba

Greetings
  William

----- Original Message -----
From: "Reindl Harald" <h.reindl at thelounge.net>
To: bind-users at lists.isc.org
Sent: Wednesday, August 19, 2015 18:59:27
Subject: Re: Can I run two name servers on one host with two IP addresses?


On 20.08.2015 at 00:53, Tom Browder wrote:
> I have a single server with access to several IP addresses from my 
> dedicated host provider.  They do not provide DNS service so I 
> currently use my domain registrar.
>
> I would like  to run my own DNS server but I only have the one server 
> (with 5 IP addresses).  Is it possible (and permitted) to run DNS with 
> just one real server?

they have to be on different IP networks and the reason is simply to avoid a single-point of failure

so even if you have different IP ranges on your single machine don't do it - unless they come from different internet connections and your machine itself is a HA cluster

DNS going down has a lot of side-effects for a domain


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users