    #1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    England, UK
    Posts
    41
    Rep Power
    13

    Creating ns1 & ns2 with Bind


    Hi

    I have now got BIND installed and it is working fine. The problem is I need to create two name servers using two different IPs. One is the server's IP and the other is a spare one.

    How would I go about creating the two name servers? My named.conf file and localhost.rev files are below. Do I need to do more config or create more files before I can create name servers or what?

    named.conf:
    Code:
    // $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.2 2001/03/05 13:34:52 asmodai Exp $
    //
    // Refer to the named(8) man page for details.  If you are ever going
    // to setup a primary server, make sure you've understood the hairy
    // details of how DNS is working.  Even with simple mistakes, you can
    // break connectivity for affected parties, or cause huge amount of
    // useless Internet traffic.
    
    options {
    	directory "/etc/namedb";
    
    // In addition to the "forwarders" clause, you can force your name
    // server to never initiate queries of its own, but always ask its
    // forwarders only, by enabling the following line:
    //
    //      forward only;
    
    // If you've got a DNS server around at your upstream provider, enter
    // its IP address here, and enable the line below.  This will make you
    // benefit from its cache, thus reduce overall DNS traffic in the Internet.
    /*
    	forwarders {
    		127.0.0.1;
    	};
    */
    	/*
    	 * If there is a firewall between you and nameservers you want
    	 * to talk to, you might need to uncomment the query-source
    	 * directive below.  Previous versions of BIND always asked
    	 * questions using port 53, but BIND 8.1 uses an unprivileged
    	 * port by default.
    	 */
    	// query-source address * port 53;
    
    	/*
    	 * If running in a sandbox, you may have to specify a different
    	 * location for the dumpfile.
    	 */
    	// dump-file "s/named_dump.db";
    };
    
    // Note: the following will be supported in a future release.
    /*
    host { any; } {
    	topology {
    		127.0.0.0/8;
    	};
    };
    */
    
    // Setting up secondaries is way easier and the rough picture for this
    // is explained below.
    //
    // If you enable a local name server, don't forget to enter 127.0.0.1
    // into your /etc/resolv.conf so this server will be queried first.
    // Also, make sure to enable it in /etc/rc.conf.
    
    zone "." {
    	type hint;
    	file "named.root";
    };
    
    zone "0.0.127.IN-ADDR.ARPA" {
    	type master;
    	file "localhost.rev";
    };
    
    zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" {
    	type master;
    	file "localhost.rev";
    };
    
    // NB: Do not use the IP addresses below, they are faked, and only
    // serve demonstration/documentation purposes!
    //
    // Example secondary config entries.  It can be convenient to become
    // a secondary at least for the zone where your own domain is in.  Ask
    // your network administrator for the IP address of the responsible
    // primary.
    //
    // Never forget to include the reverse lookup (IN-ADDR.ARPA) zone!
    // (This is the first bytes of the respective IP address, in reverse
    // order, with ".IN-ADDR.ARPA" appended.)
    //
    // Before starting to setup a primary zone, better make sure you fully
    // understand how DNS and BIND works, however.  There are sometimes
    // unobvious pitfalls.  Setting up a secondary is comparably simpler.
    //
    // NB: Don't blindly enable the examples below. :-)  Use actual names
    // and addresses instead.
    //
    // NOTE!!! FreeBSD can run bind in a sandbox (see named_flags in rc.conf).
    // The directory containing the secondary zones must be write accessible 
    // to bind.  The following sequence is suggested:
    //
    //	mkdir /etc/namedb/s
    //	chown bind.bind /etc/namedb/s
    //	chmod 750 /etc/namedb/s
    
    /*
    zone "domain.com" {
    	type slave;
    	file "s/domain.com.bak";
    	masters {
    		192.168.1.1;
    	};
    };
    
    zone "0.168.192.in-addr.arpa" {
    	type slave;
    	file "s/0.168.192.in-addr.arpa.bak";
    	masters {
    		192.168.1.1;
    	};
    };
    */

    localhost.rev:
    Code:
    $TTL	86400
    @       IN      SOA     localhost. root.localhost.  (
                                          1997022700 ; Serial
                                          28800      ; Refresh
                                          14400      ; Retry
                                          3600000    ; Expire
                                          86400 )    ; Minimum
                  IN      NS      localhost.
    
    1       IN      PTR     localhost.

    The domain I want to use is sthost.co.uk and I want to create ns1.sthost.co.uk and ns2.sthost.co.uk using the IPs 212.xx.xxx.31 & 212.xx.xxx.32

    Thanks for any help.
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2001
    Posts
    4
    Rep Power
    0
    Whoever has the answer would know what named.conf may look like, therefore, NEVER POST THE DEFAULT named.conf HERE (including the comment lines). IT IS A WASTE OF RESOURCES.

    >> The domain i want to use is sthost.co.uk and i want to create

    You seem to be asking someone to do the whole work for you, which is plain easy to me, but your laziness tells me to reply with: Search google.com, just because your question is too general and is covered in many searchable HowTos.

    >> The problem is i need to create two name servers using two different ip's

    It's pointless to install both master and slave on the same box. If you can afford a McDonald mini-meal, build a cheap box and configure it as the slave. I run my master on p133 and slave on p120 both with 64mb RAMs, plus many other services.

    >> Do i need to do more config or create more files before i can create name servers or what?

    You need zone files.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    England, UK
    Posts
    41
    Rep Power
    13
    Hi

    Sorry if it seemed I was being lazy, it's just I searched Google before posting and could not find much. I'll go have another go and try some other search terms.

    What we will do in the end when everything is set up is share it between two servers. Our current one is a P3 800 MHz one and the second one when we get it will probably be the same.

    Thank you for your help.
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2001
    Posts
    4
    Rep Power
    0
    >> searched google before posting and could not find much

    Try this one -> http://www.freebsddiary.org/topics.php#dns

    You might think I was a bit rude in my last post. Don't get me wrong, I am always willing to help if I see a sign that you have tried it yourself but it didn't work out. That said, you are more than welcome to ask particular questions, but not something like your previous post to ask someone to do everything for you.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    England, UK
    Posts
    41
    Rep Power
    13
    Hi

    OK thanks, I'll take a look at the site in a few minutes when I've finished installing MySQL. Had a quick look and it looks helpful, thanks.

    No problem about your previous post, you've helped me loads before and I know the only way to learn to do it is to do it myself.

    Thanks for your help.
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    England, UK
    Posts
    41
    Rep Power
    13
    Hi

    Just need to check a couple of things.

    When I start BIND it says:

    Code:
    Dec  5 21:26:35 2aa named[64980]: the default for the 'auth-nxdomain' option is now 'no'

    Would this affect anything? Also I am running BIND version 9 - it was installed by someone else.

    Thanks.
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2001
    Posts
    4
    Rep Power
    0
    Then disable it by removing the line auth-nxdomain yes; within options {};. In previous versions of BIND there was a critical security flaw in enabling auth-nxdomain, for caching negative responses as authoritative. ISC is now finally aware of their previous mistake and disables auth-nxdomain by default.
    If you are concerned about security, you shouldn't install BIND in the first place. Go for djbdns instead. Needless to say, check through all threads in this forum and you will be able to find many BIND vs. djbdns posts.
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    England, UK
    Posts
    41
    Rep Power
    13
    Hi

    I've tried and tried but can't seem to get it to work. There's been me and another bloke trying to work it out.

    Do you know anyone who would be willing to do this, as I'm about to give up on it and we need it doing soon. We are willing to pay cash so if you know anyone or if you could, can you let us know please.

    Thanks.
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2001
    Posts
    4
    Rep Power
    0
    >> I've tried and tried

    So what did you do?

    >> but cant seem to get it to work

    What happened? How can you tell? What did the log say?
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    England, UK
    Posts
    41
    Rep Power
    13
    Hi

    Well, the first thing I'm not sure about is registering the name servers.

    I registered ns1.sthost.co.uk with the IP 212.73.244.31 and when you go to http://www.internic.net/cgi/whois?wh...ype=nameserver you can see it's in their database.

    But what I've noticed is when you go on another name server like this one http://www.internic.net/cgi/whois?wh...ype=nameserver you see there is an extra section with their IP, could this affect anything?

    Another problem is when I'm doing the config in named.conf and so on I'm a little unsure about what files there should be there, as I've looked at some sites and they have so many config files and others have other amounts and different files for the same version.

    We've also tried to create what we believe is the correct config then change a domain name's name servers but that won't work, says it can't find them.

    I can't get my shell program open yet as I've got loads open so I'll post the log for you later.

    Thanks.
  20. #11
  21. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2001
    Posts
    4
    Rep Power
    0
    Post your named.conf and db.sthost.co.uk zone file here. Be sure to remove all comment lines.
  22. #12
  23. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    England, UK
    Posts
    41
    Rep Power
    13
    Hi

    Here are the two files as requested:

    /etc/namedb/named.conf:
    Code:
    options {
    	directory "/etc/namedb";
    	auth-nxdomain yes;
    };
    
    zone "." {
    	type hint;
    	file "named.root";
    };
    
    zone "0.0.127.IN-ADDR.ARPA" {
    	type master;
    	file "localhost.rev";
    	notify no;
    };
    
    zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" {
    	type master;
    	file "localhost.rev";
    };
    
    zone "sthost.co.uk" {
    	type master;
    	file "s/sthost.co.uk";
    };

    /etc/namedb/s/sthost.co.uk (not got db. - would that matter?)
    Code:
    sthost.co.uk. IN SOA sthost.co.uk. root.sthost.co.uk. (
    		2	; Serial
    		10800	; Refresh after 3 hours
    		3600	; Retry after 1 hour
    		604800	; Expire after 1 week
    		86400 )	; Minimum TTL of 1 day
    
    ;; ANSWER SECTION:
    mail.sthost.co.uk.		IN MX	10 mail.sthost.co.uk.
    
    ;; AUTHORITY SECTION:
    sthost.co.uk.	IN NS  ns1.sthost.co.uk.
    sthost.co.uk.	IN NS  ns2.sthost.co.uk.
    
    ;; ADDITIONAL SECTION:
    ns1.sthost.co.uk.	IN A	212.73.244.31
    ns2.sthost.co.uk.	IN A	212.73.244.32

    Thanks.
  24. #13
  25. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2001
    Posts
    4
    Rep Power
    0
    I assume you are running a non-chroot environment (bad):

    /etc/namedb/named.conf:
    Code:
    options {
    	directory "/etc/namedb";
    	// Return an empty string instead of the BIND version number
    	version "";
    	pid-file "/var/run/named.pid";
    	// Zone transfers are allowed only to 212.73.244.32
    	allow-transfer { 212.73.244.32; };
    	auth-nxdomain no;
    };
    
    zone "sthost.co.uk" in {
    	type master;
    	file "s/sthost.co.uk";
    };
    
    zone "0.0.127.in-addr.arpa" in {
    	type master;
    	file "localhost.rev";
    	// No transfers and no NOTIFY for the loopback reverse zone
    	allow-transfer { none; };
    	notify no;
    };
    
    zone "." in {
    	type hint;
    	file "named.root";
    };

    /etc/namedb/s/sthost.co.uk (tab delimited only)
    Code:
    $TTL	86400
    sthost.co.uk. IN SOA sthost.co.uk. hostmaster.sthost.co.uk. (
    		2001120601	; Serial, YYYYMMDDnn (must fit in an unsigned 32-bit field)
    		10800	; Refresh after 3 hours
    		3600	; Retry after 1 hour
    		604800	; Expire after 1 week
    		86400 )	; Minimum TTL of 1 day
    sthost.co.uk.		IN	NS	ns1.sthost.co.uk.
    sthost.co.uk.		IN	NS	ns2.sthost.co.uk.
    ns1.sthost.co.uk.	IN	A	212.73.244.31
    ns2.sthost.co.uk.	IN	A	212.73.244.32
    sthost.co.uk.		IN	A	212.73.244.31
    www.sthost.co.uk.	IN	A	212.73.244.31
    sthost.co.uk.		IN	MX	10	ns2.sthost.co.uk.

    >> mail.sthost.co.uk. IN MX 10 mail.sthost.co.uk.

    This is not how an MX record should be. Further, mail.sthost.co.uk itself doesn't have an A record. Unless you have a 3rd static IP, don't use mail.sthost.co.uk, use your ns1 or ns2 at all times. The reason is that mail relies on DNS extremely heavily and an additional level of lookup is unreliable.

    BIND also will complain if you don't set $TTL 86400.

    Be sure to contact 34sp.com immediately and tell them to remove your DNS record from their database. Currently a recursive lookup tells me they are authoritative for your domain.
    Last edited by freebsd; December 6th, 2001 at 06:29 PM.
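
An added example, not part of any post in this thread: a small Python check for the zone-file problems raised in post #13 (no `$TTL`, an in-zone MX or NS target with no A record), plus a range check on the SOA serial, which is an unsigned 32-bit field. `lint_zone` and `SAMPLE_ZONE` are hypothetical names, the sample is constructed from the zone file in post #12, and the parser assumes a fully qualified owner name on every record.

```python
import re

# Constructed sample modelled on the zone file in post #12.
SAMPLE_ZONE = """\
sthost.co.uk. IN SOA sthost.co.uk. root.sthost.co.uk. (
    2 ; Serial
    10800 ; Refresh after 3 hours
    3600 ; Retry after 1 hour
    604800 ; Expire after 1 week
    86400 ) ; Minimum TTL of 1 day
mail.sthost.co.uk. IN MX 10 mail.sthost.co.uk.
sthost.co.uk. IN NS ns1.sthost.co.uk.
sthost.co.uk. IN NS ns2.sthost.co.uk.
ns1.sthost.co.uk. IN A 212.73.244.31
ns2.sthost.co.uk. IN A 212.73.244.32
"""

def lint_zone(text, origin):
    """Return a list of problems in a simple master file (assumption: FQDN owners only)."""
    problems = []
    # Drop ';' comments, then fold the parenthesised SOA fields onto one logical line.
    body = "\n".join(line.split(";", 1)[0].rstrip() for line in text.splitlines())
    body = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), body)
    records = [line.split() for line in body.splitlines() if line.strip()]
    if not any(r[0].upper() == "$TTL" for r in records):
        problems.append("missing $TTL directive")
    by_type = {}  # record type -> list of (owner, rdata tokens)
    for r in records:
        if "IN" in r:
            i = r.index("IN")
            by_type.setdefault(r[i + 1].upper(), []).append((r[0].lower(), r[i + 2:]))
    have_a = {owner for owner, _ in by_type.get("A", [])}
    for _, rdata in by_type.get("SOA", []):
        if int(rdata[2]) > 0xFFFFFFFF:  # rdata: mname, rname, serial, ...
            problems.append(f"SOA serial {rdata[2]} does not fit in 32 bits")
    origin = origin.lower()
    for rtype in ("NS", "MX"):
        for _, rdata in by_type.get(rtype, []):
            target = rdata[-1].lower()
            in_zone = target == origin or target.endswith("." + origin)
            # Only targets inside this zone need an address record in this file.
            if in_zone and target not in have_a:
                problems.append(f"{rtype} target {target} has no A record")
    return problems
```

On a host with BIND 9 installed, `named-checkzone sthost.co.uk /etc/namedb/s/sthost.co.uk` runs the server's own parser over the file and reports syntax and range errors before named is restarted.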
  26. #14
  27. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    England, UK
    Posts
    41
    Rep Power
    13
    Hi

    Thanks for the advice, I've made the changes and emailed 34sp but I'm off to bed now so will carry on with it tomorrow.

    Thanks for your help.
  28. #15
  29. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    England, UK
    Posts
    41
    Rep Power
    13
    Hi

    Still no luck. BIND not working so about to give up.

    Thanks.