<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>On Debian I installed bind9 bind9utils and bind9-doc</p>
<p>Edited configuration, restarted services.</p>
<p>Nothing was changed or enabled besides what is mentioned below.</p>
<p>Sorry for not being able to help more, have not used redhat or
related, for more years than I like to remember ;-)<br>
I remember using version 6 "some time" ago.....</p>
<p>//Danjel</p>
<div class="moz-cite-prefix">On 7/31/2025 8:58 AM, Renzo Marengo
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAMmfGZSPEXux1WTT-8ckFnTDUv2u8SDhzYWkw7aveo=7fNq4-g@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div>Thank you very much but my issue is to understand what
first step I have to do, considering that the following rpm
are just installed:</div>
<div><br>
</div>
<div>bind.x86_64</div>
<div>bind-chroot.x86_64<br>
bind-dnssec-doc.noarch<br>
bind-dnssec-utils.x86_64<br>
bind-libs.x86_64<br>
bind-license.noarch<br>
bind-utils.x86_64</div>
<div><br>
</div>
<div>e.g. </div>
<div>chroot folder structure is just set ?</div>
<div>what service I have to enable at boot ? Bind or bind-chroot
?</div>
<div><br>
</div>
<div><br>
</div>
</div>
<br>
<div class="gmail_quote gmail_quote_container">
<div dir="ltr" class="gmail_attr">Il giorno mer 30 lug 2025 alle
ore 20:55 Danjel Jungersen via bind-users <<a
href="mailto:bind-users@lists.isc.org"
moz-do-not-send="true" class="moz-txt-link-freetext">bind-users@lists.isc.org</a>>
ha scritto:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
On 7/30/2025 1:11 PM, Renzo Marengo wrote:<br>
> I want to install latest rpm of Bind (9.16.23-31) for
Oracle Linux 9 <br>
> to create only cache DNS server which is running in
chroot jail.<br>
> I installed several Bind packages included bind-chroot.<br>
> What document do you suggest me to follow to configure
bind in chroot <br>
> jail ?<br>
> Thanks<br>
><br>
Setting up as caching / forwarder is pretty straight forward:<br>
<br>
In named.conf.options :<br>
recursion yes;<br>
allow-query { trusted; };<br>
allow-transfer { none; };<br>
<br>
forwarders { // From here<br>
192.168.20.10; // Replace with the servers
you want to use<br>
192.168.20.11; // Same here<br>
};<br>
forward only; // to here - must be left out
if you do <br>
not wish to use forwarders, ie the system will do all the work
itself.<br>
<br>
dnssec-validation auto; // Check this setting before
going <br>
online, may not suit your setup.<br>
<br>
listen-on-v6 { any; };<br>
<br>
<br>
In named.conf.local:<br>
acl "trusted" {<br>
<a href="http://192.168.1.0/24" rel="noreferrer"
target="_blank" moz-do-not-send="true">192.168.1.0/24</a>;
// Replace with your own ip's<br>
<a href="http://192.168.20.15/32" rel="noreferrer"
target="_blank" moz-do-not-send="true">192.168.20.15/32</a>;
// Replace with your own ip's<br>
<a href="http://127.0.0.1/32" rel="noreferrer"
target="_blank" moz-do-not-send="true">127.0.0.1/32</a>;<br>
localhost;<br>
};<br>
<br>
I do not know anything about redhat, but as I understand,
debian also <br>
uses chroot.<br>
I run debian and have had zero issues with using the default
setup.<br>
<br>
Best of luck!<br>
Danjel<br>
-- <br>
Visit <a
href="https://lists.isc.org/mailman/listinfo/bind-users"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.isc.org/mailman/listinfo/bind-users</a>
to unsubscribe from this list<br>
<br>
ISC funds the development of this software with paid support
subscriptions. Contact us at <a
href="https://www.isc.org/contact/" rel="noreferrer"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://www.isc.org/contact/</a>
for more information.<br>
<br>
<br>
bind-users mailing list<br>
<a href="mailto:bind-users@lists.isc.org" target="_blank"
moz-do-not-send="true" class="moz-txt-link-freetext">bind-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/bind-users"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</blockquote>
</div>
</blockquote>
<div class="moz-signature">-- <br>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title></title>
Med venlig hilsen/Kind regards<br>
Danjel Jungersen<br>
Mail: <a class="moz-txt-link-abbreviated moz-txt-link-freetext"
href="mailto:danjel@jungersen.dk">danjel@jungersen.dk</a><br>
Mobile: +45 20 42 20 11<br>
<br>
Jungersen Grafisk ApS,<br>
Holsbjergvej 39, DK-2620 Albertslund,<br>
Denmark.<br>
Tel: +45 43 64 10 00<br>
<br>
<a href="https://www.printlight.dk" moz-do-not-send="true">WEBSHOP:
PRINTLIGHT.DK</a> | <a href="https://www.jungersen.dk"
moz-do-not-send="true">WWW.JUNGERSEN.DK</a> <br>
<br>
<a href="https://www.jungersen.dk" moz-do-not-send="true"> <img
moz-do-not-send="false"
src="cid:part1.R62pidFE.4RKD8GVW@jungersen.dk" alt="Logo"
width="125" height="152" border="0"></a> </div>
</body>
</html>