From: Teo De Las Heras
To: freebsd-questions@freebsd.org
Date: Thu, 5 Jan 2006 09:33:58 -0500
Subject: Re: Setting up a FreeBSD gateway

Thanks for the information!
I'm getting ready to set up BIND for the first time and this will be very useful.

Teo

On 1/4/06, Reko Turja wrote:
>
> ----- Original Message -----
> From: "Brian Bobowski"
> To: "FreeBSD User Questions List"
> Sent: Wednesday, January 04, 2006 7:44 PM
> Subject: Setting up a FreeBSD gateway
>
> > However, I don't know how to set up DNS. Specifically, I want to
> > either pass all DNS requests through the gateway, or have the gateway
> > run a local DNS that queries my ISP's DNS in turn. Can anyone point me
> > to some steps on how to set that up?
>
> If you're going to use BIND (which I recommend and which is included in
> the system) check at least the following parameters in named.conf:
>
> listen-on
> - set this to your internal IP
> forwarders
> - if you don't want to fetch every single record from the official DNS's
> and want to utilize your provider's DNS cache, set this variable to point
> on your ISP's DNS servers.
> forward-only
> as you're going to have your own domain records set up be sure this is
> commented out.
>
> Basically BIND with this kind of configuration will forward queries to
> master or forwarder servers unless it has the master record itself or
> there is cached record, which is still valid.
>
> defining the localhost:
> If the machine names are set up right in your fbsd installation,
> easiest is to use the make-localhost in the /etc/namedb directory.
>
> Then you need a forward zone file for your "domain" as well as reverse zones
> for the ip-ranges in use. My files are:
>
> master/mydomain.org file:
>
> $TTL 3600
> @ IN SOA xxx.xxx.org. root.xxx.org. (
> ; we define authority as well as the base domain (first xxx.org and
> ; the administrative contact - as bind has other uses for "." the mail
> ; address is noted with dot between domain and username.
>         2005111301 ;serial
> ; good idea is to use the shown date notation, and ALWAYS bump the
> ; serial whatever you do to the zone files)
>         86400 ;refresh 24h
>         7200 ;retry 2h
>         192200 ;expire 2d
>         86400) ;minimum 24h
>
>         IN NS moria.endor.swagman.org.
> ; we define name servers for the zone only one is usually needed for
> ; "private" dns use.
>         IN MX 5 moria.endor.swagman.org.
> ; I define mail handler server just in case...
> moria IN A 192.168.10.1
> rivendell IN A 192.168.10.10
> lorien IN A 192.168.10.11
> muppet IN A 192.168.10.20
> ;and then add my workstations
>
> As the main forward zone is now set up, we need the reverse zones as
> well.
>
> My reverse zone for above setup is (master/rev.mydomain.org):
> $TTL 1d
> @ IN SOA xxx.xxx.org. root.swagman.org. (
>         2005111301 ;serial
>         1d ;refresh
>         2h ;retry
>         20d ;expire
>         2h ) ;neg cache
>
>         IN NS moria.endor.swagman.org.
>
> 1 IN PTR moria.endor.swagman.org.
> 10 IN PTR rivendell.endor.swagman.org.
> 11 IN PTR lorien.endor.swagman.org.
> 20 IN PTR muppet.endor.swagman.org.
>
>
> With BIND the dots after the names are important, otherwise the names
> end up as name.my.domain.my.domain which usually isn't what you want :)
>
> After the zones are set up you can add them to named.conf as follows:
>
> zone "xxx.xxx.org" {
>         type master;
>         file "master/mydomain.org";
> };
>
> zone "10.168.192.in-addr.arpa" {
>         type master;
>         file "master/rev.mydomain.org";
> };
>
>
> In the above note the naming of reverse zone. To get correct resolution
> of reverse names you need to name your zone with similar formatting.
>
> Hope this helps a bit (although I recommend getting Bind handbook
> (available from ISC as pdf), or some of the "basic" BSD books like Greg
> Lehey's, or Michael Lucas's books on FreeBSD - both have a good chapter
> on DNS setup with BIND. Of course nothing beats the O'Reilly Cricket
> book.)
>
> -Reko
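
The trailing-dot and reverse-zone naming points in the quoted message, as an added example that is not part of the thread: a Python check that derives the in-addr.arpa zone name for a network and verifies that each A record has a PTR resolving back to the same absolute name. `ORIGIN`, the function names and the sample records are constructed for illustration, and `ORIGIN` is an assumption standing in for the post's redacted "xxx.xxx.org".

```python
import ipaddress
import re

RECORD = re.compile(r"^(\S+)[ \t]+IN[ \t]+(A|PTR)[ \t]+(\S+)", re.M)

def reverse_zone(network):
    """in-addr.arpa zone name for a /8, /16 or /24 IPv4 network."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only /8, /16 and /24 IPv4 networks are handled")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa."

def absolute(name, origin):
    """BIND's rule: a name without a trailing dot gets the zone origin appended."""
    return name if name.endswith(".") else f"{name}.{origin}"

def records(zone_text, rtype, origin):
    """Map absolute owner name -> record data for one record type."""
    return {absolute(o, origin): d for o, t, d in RECORD.findall(zone_text) if t == rtype}

def check(forward_text, reverse_text, origin, network):
    """One message per A record whose PTR is missing or resolves elsewhere."""
    rzone = reverse_zone(network)
    ptrs = {owner: absolute(data, rzone)
            for owner, data in records(reverse_text, "PTR", rzone).items()}
    problems = []
    for host, addr in sorted(records(forward_text, "A", origin).items()):
        owner = ipaddress.ip_address(addr).reverse_pointer + "."
        target = ptrs.get(owner)
        if target is None:
            problems.append(f"{addr}: no PTR record at {owner}")
        elif target.lower() != host.lower():
            problems.append(f"{addr}: PTR is {target}, expected {host}")
    return problems

# Constructed sample: three hosts from the post; lorien's PTR lacks its trailing dot.
ORIGIN = "endor.swagman.org."  # assumption: stands in for the post's "xxx.xxx.org"
FORWARD = """moria IN A 192.168.10.1
rivendell IN A 192.168.10.10
lorien IN A 192.168.10.11
"""
REVERSE = """1 IN PTR moria.endor.swagman.org.
10 IN PTR rivendell.endor.swagman.org.
11 IN PTR lorien.endor.swagman.org
"""

if __name__ == "__main__":
    print("\n".join(check(FORWARD, REVERSE, ORIGIN, "192.168.10.0/24")))
```

The parser only understands single-line `owner IN A|PTR data` records, which is enough for small private zones like the ones quoted here.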