From: Gary Kline <kline@thought.org>
To: Giorgos Keramidas
Cc: Gary Kline, freebsd-questions@freebsd.org
Date: Wed, 22 Jun 2005 19:36:27 -0700
Subject: Re: private/internal db file question...
Message-ID: <20050623023627.GA63945@thought.org>
In-Reply-To: <20050623005626.GB1523@gothmog.gr>

On Thu, Jun 23, 2005 at 03:56:26AM +0300, Giorgos Keramidas wrote:
> On 2005-06-22 17:13, Gary Kline wrote:
> > Folks,
> >
> > After years of trying, I may have my private/internal DNS db files
> > working. From a colo machine I can reach my internal servers. One
> > small question for the DNS wizards out there: are the last
> > ".in-addr.arpa" lines considered good form? Can I blow them away or
> > uncomment them?
>
> Strip them off.

Thank you.

> You didn't specify which zone this file was a database for, but looking at the
> commented lines it seems like it's the reverse resolution database for
> 10.0.0.0/8 (your internal network). DNS records in zone files like this one
> refer to addresses "relative" to the zone itself, which is probably defined as
> the following in your named.conf configuration file:
>
> zone "0.0.10.IN-ADDR.ARPA" {
>         type master;
>         file "master/10.0.0.rev";
> };

In named.conf I have two files; one is the .rev table:

zone "db.private" {
        type master;
        file "/etc/namedb/s/db.private";
        allow-query { 127.0.0.1/32; 10.0.0.0/8; };
};

zone "db/private.rev" {
        type master;
        file "/etc/namedb/s/db.private.rev";
        allow-query { 127.0.0.1/32; 10.0.0.0/8; };
};

Below the SOA in db.private is:

;
;; real nameserver:
;
                IN      NS      ns1.thought.org.
;
; Machines names
;
;name   ttl     class   type    data
localhost       IN      A       127.0.0.1
;
ethic           IN      A       10.0.0.220
tao             IN      A       10.0.0.247
sage            IN      A       10.0.0.1
zen             IN      A       10.0.0.249

ns1, aka sage, is defined in my main DNS table, db.thought.org.

> This definition of the zone in named.conf declares that addresses of the form
> 10.0.0.X will be looked up as PTR records of X in the file "master/10.0.0.rev"
> under your named server root directory, i.e.
>
> ADDRESS         DB-FILE                 RECORD
> 10.0.0.1        master/10.0.0.rev       1
> 10.0.0.2        master/10.0.0.rev       2
> ...
> 10.0.0.254      master/10.0.0.rev       254
>
> Usually, the most tricky part is grasping that "1.0.0.10.IN-ADDR.ARPA." is
> what BIND looks up to find the name (or names) associated with the address
> 10.0.0.1 (note the reversed byte order of the address parts).

Well, it's not only tricky, it's bloody confusing... :-)

> > ;name   ttl     class   type    data
> > 1               IN      PTR     localhost
> > 1               IN      PTR     sage
> > 220             IN      PTR     ethic
> > 247             IN      PTR     tao
> > 249             IN      PTR     zen
>
> These look mostly ok, but you may want to fix the following:
>
> - "localhost" is usually assigned to 127.0.0.1, not 10.0.0.1
> - the "IN" column is *NOT* the TTL (time to live) of a record

What would you replace these row tags with? (I got these from another
database file, obv'ly.)

;name   ttl     class   type    data

Would:

;record class   pointer name

make sense? (Help me keep these details straight, in other words.)

gary

> > ;
>
> Note that O'Reilly has an excellent book ("DNS & BIND") which you may
> find immensely useful in setting up practically any sort of DNS server.
>
> PS:

YES!! I read ed 3 and bought edition 4; they helped me get going when I
only had one FBSD system. ....

--
Gary Kline     kline@thought.org     www.thought.org     Public service Unix
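As an added example (not part of the thread, and not Gary's or Giorgos's configuration), here is a small Python checker that performs the address reversal Giorgos describes ("1.0.0.10.IN-ADDR.ARPA." for 10.0.0.1) and cross-checks PTR records against the forward zone's A records, which is the check that would have flagged both points he raises about the quoted reverse file. It goes beyond the /24 in the thread and accepts any in-addr.arpa origin, including the /8 delegation "10.in-addr.arpa". The zone text below is constructed from the records quoted above; the origin `0.0.10.in-addr.arpa`, the file layout and all function names are assumptions.

```python
"""Reverse-zone consistency check (added example, not from the thread)."""
import ipaddress
from collections import defaultdict

# Constructed from the A records quoted in the thread (forward zone).
FORWARD_ZONE = """\
; Machines names
;name      ttl  class  type  data
localhost       IN     A     127.0.0.1
ethic           IN     A     10.0.0.220
tao             IN     A     10.0.0.247
sage            IN     A     10.0.0.1
zen             IN     A     10.0.0.249
"""

# Constructed from the PTR records quoted in the thread; the origin is an assumption.
REVERSE_ORIGIN = "0.0.10.in-addr.arpa"
REVERSE_ZONE = """\
;name  ttl  class  type  data
1           IN     PTR   localhost
1           IN     PTR   sage
220         IN     PTR   ethic
247         IN     PTR   tao
249         IN     PTR   zen
"""


def reverse_name(addr):
    """Owner name BIND looks up for an IPv4 address: 10.0.0.1 -> 1.0.0.10.in-addr.arpa."""
    return ipaddress.ip_address(addr).reverse_pointer


def address_from_ptr(origin, owner):
    """Rebuild the address a relative PTR owner describes, given the reverse-zone origin.

    Works for any prefix length: owner "1" under 0.0.10.in-addr.arpa and owner
    "1.0.0" under 10.in-addr.arpa both describe 10.0.0.1.
    """
    origin = origin.lower().rstrip(".")
    suffix = ".in-addr.arpa"
    if not origin.endswith(suffix):
        raise ValueError(f"not an IPv4 reverse zone: {origin}")
    octets = (owner.rstrip(".") + "." + origin[: -len(suffix)]).split(".")
    if len(octets) != 4:
        raise ValueError(f"{owner} under {origin} does not form a 4-octet address")
    # ip_address() also rejects octets outside 0-255.
    return str(ipaddress.ip_address(".".join(reversed(octets))))


def parse_records(text):
    """Minimal zone-file reader returning (owner, type, rdata) per record line.

    Handles the optional TTL and class columns and skips comments, blank lines
    and $-directives. Lines that inherit the previous owner (leading blank
    owner field) are not supported, so every record must name its owner.
    """
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line or line.startswith("$"):
            continue
        tokens = line.split()
        owner, rest = tokens[0], tokens[1:]
        if rest and rest[0].isdigit():        # optional TTL column
            rest = rest[1:]
        if rest and rest[0].upper() == "IN":  # optional class column
            rest = rest[1:]
        if len(rest) < 2:
            raise ValueError(f"malformed record: {raw!r}")
        records.append((owner, rest[0].upper(), " ".join(rest[1:])))
    return records


def check_reverse_zone(forward_text, reverse_origin, reverse_text):
    """Cross-check every PTR against the forward A records.

    Returns (kind, address, detail) findings; an empty list means consistent.
    """
    a_records = defaultdict(set)
    for owner, rtype, rdata in parse_records(forward_text):
        if rtype == "A":
            a_records[owner.rstrip(".")].add(rdata)

    ptr_by_address = defaultdict(list)
    for owner, rtype, rdata in parse_records(reverse_text):
        if rtype == "PTR":
            ptr_by_address[address_from_ptr(reverse_origin, owner)].append(rdata.rstrip("."))

    findings = []
    for address, names in sorted(ptr_by_address.items(), key=lambda kv: ipaddress.ip_address(kv[0])):
        if len(names) > 1:
            findings.append(("multiple-ptr", address, ", ".join(names)))
        for name in names:
            if name not in a_records:
                findings.append(("no-a-record", address, name))
            elif address not in a_records[name]:
                findings.append(("mismatch", address, f"{name} has A {', '.join(sorted(a_records[name]))}"))
    return findings


if __name__ == "__main__":
    for kind, address, detail in check_reverse_zone(FORWARD_ZONE, REVERSE_ORIGIN, REVERSE_ZONE):
        print(f"{kind:13} {address:12} {detail}")
```

Run against the quoted records it reports two findings for 10.0.0.1: two PTRs share that address (localhost and sage), and the localhost PTR disagrees with the forward zone, where localhost is 127.0.0.1. The other four PTRs round-trip cleanly.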