|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
The Web Buyer's Guide is your best source for white papers on a wide range of IT products and services. This Week's Featured White Papers: Protecting Web Applications from Attack and Misuse by Citrix Systems
|
|
#1
December 3rd, 2001, 06:27 PM
|
|||
|
|||
|
Creating ns1 & ns2 with Bind
Hi
I have now got bind installed and is working fine. The problem is i need to create two name servers using two different ip's. One is the server's ip and the other is a spare one. How would i go about creating the two name servers, my named.conf file and localhost.rev files are below. Do i need to do more config or create more files before i can create name servers or what? named.conf: Code:
// $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.2 2001/03/05 13:34:52 asmodai Exp $
//
// Refer to the named(8) man page for details. If you are ever going
// to setup a primary server, make sure you've understood the hairy
// details of how DNS is working. Even with simple mistakes, you can
// break connectivity for affected parties, or cause huge amount of
// useless Internet traffic.
options {
directory "/etc/namedb";
// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
// forward only;
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
/*
forwarders {
127.0.0.1;
};
*/
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
/*
* If running in a sandbox, you may have to specify a different
* location for the dumpfile.
*/
// dump-file "s/named_dump.db";
};
// Note: the following will be supported in a future release.
/*
host { any; } {
topology {
127.0.0.0/8;
};
};
*/
// Setting up secondaries is way easier and the rough picture for this
// is explained below.
//
// If you enable a local name server, don't forget to enter 127.0.0.1
// into your /etc/resolv.conf so this server will be queried first.
// Also, make sure to enable it in /etc/rc.conf.
zone "." {
type hint;
file "named.root";
};
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "localhost.rev";
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" {
type master;
file "localhost.rev";
};
// NB: Do not use the IP addresses below, they are faked, and only
// serve demonstration/documentation purposes!
//
// Example secondary config entries. It can be convenient to become
// a secondary at least for the zone where your own domain is in. Ask
// your network administrator for the IP address of the responsible
// primary.
//
// Never forget to include the reverse lookup (IN-ADDR.ARPA) zone!
// (This is the first bytes of the respective IP address, in reverse
// order, with ".IN-ADDR.ARPA" appended.)
//
// Before starting to setup a primary zone, better make sure you fully
// understand how DNS and BIND works, however. There are sometimes
// unobvious pitfalls. Setting up a secondary is comparably simpler.
//
// NB: Don't blindly enable the examples below. :-) Use actual names
// and addresses instead.
//
// NOTE!!! FreeBSD can run bind in a sandbox (see named_flags in rc.conf).
// The directory containing the secondary zones must be write accessible
// to bind. The following sequence is suggested:
//
// mkdir /etc/namedb/s
// chown bind.bind /etc/namedb/s
// chmod 750 /etc/namedb/s
/*
zone "domain.com" {
type slave;
file "s/domain.com.bak";
masters {
192.168.1.1;
};
};
zone "0.168.192.in-addr.arpa" {
type slave;
file "s/0.168.192.in-addr.arpa.bak";
masters {
192.168.1.1;
};
};
*/
localhost.rev: Code:
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
The domain i want to use is sthost.co.uk and i want to create ns1.sthost.co.uk and ns2.sthost.co.uk using the ip's 212.xx.xxx.31 & 212.xx.xxx.32 Thanks for any help.
|
|
#2
December 4th, 2001, 05:40 AM
|
|||
|
|||
|
Whoever has the answer would know how named.conf may look like, therefore, NEVER POST THE DEFAULT named.conf HERE (including the comment lines). IT IS A WASTE OF RESOURCE.
>> The domain i want to use is sthost.co.uk and i want to create You seem to be asking someone to do the whole work for you, which is plain easy to me, but your laziness tells me to reply with: Search google.com, just because your question is too general and is covered in many searchable HowTos. >> The problem is i need to create two name servers using two different ip's It's pointless to install both master and slave on the same box. If you can afford a McDonald mini-meal, build a cheap box and configure it as the slave. I run my master on p133 and slave on p120 both with 64mb RAMs, plus many other services. >> Do i need to do more config or create more files before i can create name servers or what? You need zone files.
|
|
#3
December 4th, 2001, 12:32 PM
|
|||
|
|||
|
Hi
Sorry if it seemed i was being lazy, its just i searched google before posting and could not find much. I'll go have another go and try some other search terms. What we will do in the end when everything is setup is share it between two servers. Our current one is a p3 800mhz one and the second one when we get it will probably be the same. Thank you for your help.
|
|
#4
December 4th, 2001, 07:25 PM
|
|||
|
|||
|
>> searched google before posting and could not find much
Try this one -> http://www.freebsddiary.org/topics.php#dns You might think I was a bit rude in my last post. Don't get me wrong, I am always willing to help if I see a sign that you have tried it yourself but it didn't work out. That said, you are more than welcome to ask particular questions, but not something like your previous post to ask someone to do everything for you.
|
|
#5
December 5th, 2001, 12:54 PM
|
|||
|
|||
|
Hi
OK thanks i'll take a look at the site in a few minutes then when i've finished installing mySQL. Had a quick look and it looks helpful, thanks. No problem about your previous post, you've helped me loads before and i know the only way to learn to do it is to do it myself. Thanks for your help.
|
|
#6
December 5th, 2001, 03:30 PM
|
|||
|
|||
|
Hi
Just need to check a couple of things. When i start bind it says: Code:
Dec 5 21:26:35 2aa named[64980]: the default for the 'auth-nxdomain' option is now 'no' Would this affect anything. Also i am running Bind version 9 - it was installed by someone else. Thanks.
|
|
#7
December 5th, 2001, 07:50 PM
|
|||
|
|||
|
Then disable it by removing the line auth-nxdomain yes; within options {};. In previous versions of BIND there was a critical security flaws for enabling auth-nxdomain, for caching negative responses as authoritative. Now that ISC finally aware of their previous mistake and disable auth-nxdomain by default.
If you are concerning about security, you shouldn't install BIND in the first place. Go for djbdns instead. Needless to say, check thru all threads in this forum and you will be able to find many BIND vs. djbdns posts.
|
|
#8
December 6th, 2001, 04:02 PM
|
|||
|
|||
|
Hi
I've tried and tried but cant seem to get it to work. There's been me and another bloke trying to work it out. Do you know anyone who would be willing to do this as i'm about to give up on it and we need it doing soon. We are willing to pay cash so if you know anyone or if you could, can you let us know please. Thanks.
|
|
#10
December 6th, 2001, 05:22 PM
|
|||
|
|||
|
Hi
Well first thing i'm not sure about is registering the name servers. I registered ns1.sthost.co.uk with the IP 212.73.244.31 and when you go to http://www.internic.net/cgi/whois?w...type=nameserver you can see its in their database But what i've noticed is when you go on another name server like this one http://www.internic.net/cgi/whois?w...type=nameserver You see their is an extra section with their IP, could this affect anything? Another problem is when i'm doing the config in named.conf and so on i'm a little unsure about what files there should be there as i've looked at some sites and they have so many config files and others have other amounts and different files for the same version. We've also tried to create what we believe is the correct config then change a domain names name servers but that wont work, says it cant find them. I cant get my shell program open yet as i got loads open so i'll post the log for you later. Thanks.
|
|
#12
December 6th, 2001, 05:59 PM
|
|||
|
|||
|
Hi
Here are the the two files as requested: /etc/namedb/named.con: Code:
options {
directory "/etc/namedb";
auth-nxdomain yes;
};
zone "." {
type hint;
file "named.root";
};
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "localhost.rev";
notify no;
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" {
type master;
file "localhost.rev";
};
zone "sthost.co.uk" {
type master;
file "s/sthost.co.uk";
};
/etc/namedb/s/sthost.co.uk (not got db. - would that matter?) Code:
sthost.co.uk. IN SOA sthost.co.uk. root.sthost.co.uk. ( 2 ; Serial 10800 ; Refresh after 3 hours 3600 ; Retry after 1 hour 604800 ; Expire after 1 week 86400 ) ; Minimum TTL of 1 day ;; ANSWER SECTION: mail.sthost.co.uk. IN MX 10 mail.sthost.co.uk. ;; AUTHORITY SECTION: sthost.co.uk. IN NS ns1.sthost.co.uk. sthost.co.uk. IN NS ns2.sthost.co.uk. ;; ADDITIONAL SECTION: ns1.sthost.co.uk. IN A 212.73.244.31 ns2.sthost.co.uk. IN A 212.73.244.32 Thanks.
|
|
#13
December 6th, 2001, 06:26 PM
|
|||
|
|||
|
I assume you are running non-chroot environment (bad):
/etc/namedb/named.conf: Code:
options {
directory "/etc/namedb";
version "";
pid-file "/var/run/named.pid";
allow-transfer { 212.73.244.32; };
auth-nxdomain no;
};
zone "sthost.co.uk" in {
type master;
file "s/sthost.co.uk";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "localhost.rev";
allow-transfer { none; };
notify no;
};
zone "." in {
type hint;
file "named.root";
};
/etc/namedb/s/sthost.co.uk (tab delimited only) Code:
$TTL 86400 sthost.co.uk. IN SOA sthost.co.uk. hostmaster.sthost.co.uk. ( 200112061630 ; Serial 10800 ; Refresh after 3 hours 3600 ; Retry after 1 hour 604800 ; Expire after 1 week 86400 ) ; Minimum TTL of 1 day sthost.co.uk. IN NS ns1.sthost.co.uk. sthost.co.uk. IN NS ns2.sthost.co.uk. ns1.sthost.co.uk. IN A 212.73.244.31 ns2.sthost.co.uk. IN A 212.73.244.32 sthost.co.uk. IN A 212.73.244.31 www.sthost.co.uk. IN A 212.73.244.31 sthost.co.uk. IN MX 10 ns2.sthost.co.uk. >> mail.sthost.co.uk. IN MX 10 mail.sthost.co.uk. This is not how MX record should be. Further, mail.sthost.co.uk itself doesn't have an A record. Unless you have a 3rd static IP, don't use mail.sthost.co.uk, use your ns1 or ns2 at all time. The reason is that, mail relies on DNS extremely heavily and additional level of lookup is unreliable. BIND also will complain if you don't set $TTL 86400. Be sure to contact 34sp.com immediately and tell them to remove your DNS record from their database. Currently a recursive lookup tells me they are authoritative for your domain. Last edited by freebsd : December 6th, 2001 at 06:29 PM.
|
|
#14
December 6th, 2001, 06:53 PM
|
|||
|
|||
|
Hi
Thanks for the advise, i've made the changes and emailed 34sp but off to bed now so will carry on with it tomorrow. Thanks for your help.
|
|
| Viewing: Dev Shed Forums > System Administration > DNS > Creating ns1 & ns2 with Bind |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
