From: Matthew Seaman
Organization: Infracaninophile
Date: Tue, 05 Dec 2006 09:38:05 +0000
To: Andrew Falanga
Cc: freebsd-questions
Subject: Re: Configuring DNS (BIND) in isolation

Andrew Falanga wrote:
>>
>> You're on the right track.  Yes, you'd need a zone file for the root of
>> your DNS -- if it's all served from one machine then that would replace
>> the 'hint' zone and named.root stuff in the example named.conf
>>
>> The zone file for '.' would contain an SOA record and then delegation for
>> whatever forward and reverse domains you want to use.  Eg. supposing you
>> want to use the TLD 'in.isolation' with IP numbers from 192.168.0.0/24
>> then you'd need something like:
>>
>> ;
>> ; Root of the private domain name system
>> ;
>> $TTL 604800 ; 1 week
>>
>> @ IN SOA ns0.in.isolation. hostmaster.in.isolation. (
>>                 2006120100 ; Serial
>>                 1800       ; Refresh (30min)
>>                 900        ; Retry (15min)
>>                 604800     ; Expire (1week)
>>                 86400 )    ; Minimum (1day)
>> in.isolation.            IN NS ns0.in.isolation.
>> 0.168.192.in-addr.arpa.  IN NS ns0.in.isolation.
>> ns0.in.isolation.        IN A  192.168.0.1 ; Glue
>> ;
>> ; That's All Folks!
>> ;
>>
>
> Ok, here's the problems I've got so far.  I've made the following files,
>
> isolated.zone, isolated.rev, localhost.rev, localhost-v6.rev and root.zone
>
> The isolated.* files are for the forward addresses and the reverse pointers
> for 192.168.0.0/24 that I've set up.
> The root.zone file contains, what I thought should be, for the "." zone.
> (Matthew, from your message above, I wasn't clear if all I'd need is what
> you have above, or that it was implied that I'd need a SOA for the "."
> zone as well.  So, I made one.)

The above *is* for the root zone.

> Now, I'm getting a few errors.  Sometimes it seems that named can't find
> the files that I told it to look for in named.conf.  I used the original
> named.conf file as a reference, and just filled in the "blanks" as it were,
> for my zones.
>
> Also, named keeps complaining about rndc.key files missing.  How do I
> generate these key files?  I didn't find anything from 'man rndc'?

Use rndc-confgen and follow the instructions written in the file
it outputs about editing named.conf.  You won't need a separate rndc.key
file.

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW
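
A named.conf layout matching the setup discussed in this thread, given as an added example that is not part of the original message or of anyone's actual configuration. Assumptions: a FreeBSD-style /etc/namedb directory with the zone files under master/, the key name "rndc-key", and a placeholder secret; the zone file names and 192.168.0.1 are the ones mentioned in the thread.

```conf
// Added example; paths, key name and secret are assumptions/placeholders.
options {
        // Relative "file" names in the zone statements below are resolved
        // from this directory. A wrong value here is a common reason for
        // named reporting that it cannot find a zone file.
        directory "/etc/namedb";
        listen-on { 127.0.0.1; 192.168.0.1; };
        allow-query { 127.0.0.1; 192.168.0.0/24; };
};

// key and controls: copy these from the commented named.conf section that
// rndc-confgen prints, keeping the algorithm and secret it generated.
key "rndc-key" {
        algorithm hmac-sha256;
        secret "REPLACE_WITH_SECRET_FROM_RNDC_CONFGEN";   // placeholder
};

// Control channel bound to loopback only and usable only with the key.
controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
};

// Private root, served authoritatively. This takes the place of the stock
//   zone "." { type hint; file "named.root"; };
zone "." {
        type master;
        file "master/root.zone";
};

// Forward zone delegated from the private root.
zone "in.isolation" {
        type master;
        file "master/isolated.zone";
};

// Reverse zone for 192.168.0.0/24.
zone "0.168.192.in-addr.arpa" {
        type master;
        file "master/isolated.rev";
};
```

The upper, uncommented part of the rndc-confgen output goes into rndc.conf so that rndc presents the same key. Running named-checkconf, and named-checkzone on each zone file, before starting named reports path and syntax errors up front.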