Date: Wed, 21 Jul 1999 14:20:23 -0500
To: freebsd-questions@freebsd.org
From: Kevin Weiss
Subject: DNS Config Question--named.conf file

My primary reference is the "DNS and BIND" from O'Reilly. My secondary reference is "The Complete FreeBSD".

IP#'s and so forth are fake. I have yet to go back and shorten the db files, but I'll do that after I get your opinions. I also want to make sure that I don't allow zone transfers.

Here is my named.conf file:

===============

// $Id: named.conf,v 1.5 1998/12/23 06:06:13 dillon Exp $
//
// Refer to the named(8) man page for details. If you are ever going
// to setup a primary server, make sure you've understood the hairy
// details of how DNS is working. Even with simple mistakes, you can
// break connectivity for affected parties, or cause huge amount of
// useless Internet traffic.

options {
        directory "/etc/namedb";
        recursion no;
        fetch-glue no;
};

zone "example.com" in {
        type master;
        file "db.example";
        notify no;
        allow-transfer { 149.7.13.3; };
};

zone "13.7.149.in-addr.arpa" in {
        type master;
        file "db.149.7.13";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "db.127.0.0";
};

zone "." {
        type hint;
        file "db.cache";
};

// NOTE!!! FreeBSD runs bind in a sandbox (see named_flags in rc.conf).
// The directory containing the secondary zones must be write accessible
// to bind. The following sequence is suggested:
//
//      mkdir /etc/namedb/s
//      chown bind.bind /etc/namedb/s
//      chmod 750 /etc/namedb/s

/*
//zone "domain.com" {
//      type slave;
//      file "s/domain.com.bak";
//      masters {
//              192.168.1.1;
//      };
//};

//zone "0.168.192.in-addr.arpa" {
//      type slave;
//      file "s/0.168.192.in-addr.arpa.bak";
//      masters {
//              192.168.1.1;
//      };
//};
*/
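Added example, not part of the original post: a short Python check that reads a named.conf laid out like the one above and reports the effective allow-transfer list for each master or slave zone, since only example.com carries a restriction in the posted file. The function names and the sample text are constructed here; the check assumes an unset list means `any` (the BIND 8 default) and handles only flat address lists.

```python
import re

SAMPLE = '''
// Constructed sample mirroring the posted layout; addresses are the fake ones from the post.
options { directory "/etc/namedb"; recursion no; };
zone "example.com" in { type master; file "db.example"; allow-transfer { 149.7.13.3; }; };
zone "13.7.149.in-addr.arpa" in { type master; file "db.149.7.13"; };
zone "." { type hint; file "db.cache"; };
/* zone "domain.com" { type slave; file "s/domain.com.bak"; }; */
'''

def strip_comments(text):
    """Blank out /* */, // and # comments while leaving quoted strings alone."""
    keep = lambda m: m.group(0) if m.group(0)[0] == '"' else ' '
    return re.sub(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', keep, text, flags=re.S)

def top_level_blocks(text):
    """Yield (header, body) for every top-level `header { body };` statement."""
    depth, start, stmt_start = 0, 0, 0
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                header, start = text[stmt_start:i].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, text[start:i]
        elif ch == ';' and depth == 0:
            stmt_start = i + 1

def acl(body):
    """The block's allow-transfer list (flat lists only), or None if absent."""
    m = re.search(r'\ballow-transfer\s*\{([^}]*)\}', body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def transfer_policy(conf, default=('any',)):
    """Effective allow-transfer list per master/slave zone (assumed default: any)."""
    global_acl, zones = None, {}
    for header, body in top_level_blocks(strip_comments(conf)):
        words = header.split()
        if words[:1] == ['options']:
            global_acl = acl(body)
        elif words[:1] == ['zone'] and re.search(r'\btype\s+(master|slave)\b', body):
            zones[words[1].strip('"')] = acl(body)
    fallback = list(default) if global_acl is None else global_acl
    return {z: fallback if a is None else a for z, a in zones.items()}

if __name__ == '__main__':
    print(transfer_policy(SAMPLE))
```

Adding `allow-transfer { none; };` to the options block changes the result for every zone that has no list of its own, while a per-zone list such as the one on example.com still takes precedence.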