Date: Fri, 01 Dec 2006 22:28:35 +0000
From: Matthew Seaman <m.seaman@infracaninophile.co.uk>
To: Andrew Falanga <af300wsm@gmail.com>
Cc: freebsd-questions <freebsd-questions@freebsd.org>
Subject: Re: Configuring DNS (BIND) in isolation
Message-ID: <4570AC93.60600@infracaninophile.co.uk>
In-Reply-To: <340a29540612011303n4b6d6367gc385021cfe0be7dc@mail.gmail.com>
References: <340a29540612011303n4b6d6367gc385021cfe0be7dc@mail.gmail.com>

Andrew Falanga wrote:
> I have a need to make my own DNS system on an isolated network.  Years ago,
> I administered DNS for a couple of different companies, but that was quite a
> while ago and since I've turned to programming I haven't done much in the
> way of network administration.  I recall from using BIND 4, when I was
> reading up on it, that it is most certainly possible to configure an entire
> DNS system on a totally isolated network.
>
> Would I need zone files for the root, ".", zone and any other zones I
> configure; e.g. "isolation."?  This would seem to be the way to go about it,
> but I'm having some difficulty visualizing it in my head.  I just did some
> searches online for the O'Reilly book "DNS & BIND".  I recall using this
> book in the past and it was quite helpful (and unfortunately for me,
> belonged to my former employers).  Would this book be a good reference for
> this task as well, or are there better books that I might want to look into
> getting for this?  Or, are there good on-line resources that could help me
> muddle through?

You're on the right track.  Yes, you'd need a zone file for the root of
your DNS -- if it's all served from one machine then that would replace the
'hint' zone and named.root stuff in the example named.conf.

The zone file for '.' would contain an SOA record and then delegation for
whatever forward and reverse domains you want to use.  E.g. supposing you
want to use the TLD 'in.isolation' with IP numbers from 192.168.0.0/24
then you'd need something like:

;
; Root of the private domain name system
;
$TTL 604800     ; 1 week
@                       IN SOA  ns0.in.isolation. hostmaster.in.isolation. (
                                2006120100 ; Serial
                                1800       ; Refresh (30min)
                                900        ; Retry (15min)
                                604800     ; Expire (1week)
                                86400 )    ; Minimum (1day)
; NS for the root zone itself: named will not load a zone with no NS at its apex
@                       IN NS   ns0.in.isolation.
in.isolation.           IN NS   ns0.in.isolation.
0.168.192.in-addr.arpa. IN NS   ns0.in.isolation.
ns0.in.isolation.       IN A    192.168.0.1     ; Glue
;
; That's All Folks!
;

Then you'd need the zone files for 'in.isolation.' and
'0.168.192.in-addr.arpa'.

The O'Reilly book 'DNS & Bind' by Albitz and Liu is well worth obtaining.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
7 Priory Courtyard, Flat 3
Ramsgate, Kent, CT11 9PW
PGP: http://www.infracaninophile.co.uk/pgpkey
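
The remaining pieces the reply describes (a named.conf whose "." zone is a master zone rather than a hint zone, plus the two delegated zone files), as an added example that is not part of the original message. The names and addresses are the ones used in the message; the file names, the /etc/namedb directory layout and the host1 records are assumptions.

```sh
#!/bin/sh
# Added example, not from the original message. Names and addresses are the
# message's; file names, directory layout and host1 are assumptions.

write_private_dns() {
    dir=$1
    mkdir -p "$dir/master" || return 1
    # A master zone for "." stands in for the stock hint zone and named.root.
    # master/root.db is the root zone file given in the message.
    cat > "$dir/named.conf" <<'EOF'
options { directory "/etc/namedb"; };
zone "."                      { type master; file "master/root.db"; };
zone "in.isolation"           { type master; file "master/in.isolation.db"; };
zone "0.168.192.in-addr.arpa" { type master; file "master/0.168.192.rev"; };
EOF
    # Forward zone: the data the root zone delegates to ns0.
    cat > "$dir/master/in.isolation.db" <<'EOF'
$TTL 604800
@       IN SOA  ns0.in.isolation. hostmaster.in.isolation. (
                2006120100 1800 900 604800 86400 )
        IN NS   ns0.in.isolation.
ns0     IN A    192.168.0.1
host1   IN A    192.168.0.10    ; constructed sample host
EOF
    # Reverse zone: PTR records matching the A records above.
    cat > "$dir/master/0.168.192.rev" <<'EOF'
$TTL 604800
@       IN SOA  ns0.in.isolation. hostmaster.in.isolation. (
                2006120100 1800 900 604800 86400 )
        IN NS   ns0.in.isolation.
1       IN PTR  ns0.in.isolation.
10      IN PTR  host1.in.isolation.
EOF
}

# Validate both child zones with BIND's own checker when it is installed.
check_private_dns() {
    command -v named-checkzone >/dev/null 2>&1 || {
        echo "named-checkzone not found, skipping" >&2; return 0; }
    named-checkzone in.isolation "$1/master/in.isolation.db" &&
    named-checkzone 0.168.192.in-addr.arpa "$1/master/0.168.192.rev"
}

# Usage: sh private-dns.sh ./private-dns
if [ $# -gt 0 ]; then
    write_private_dns "$1" && check_private_dns "$1"
fi
```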