From: Giorgos Keramidas
To: Gary Kline
Cc: freebsd-questions@freebsd.org
Date: Thu, 23 Jun 2005 22:48:18 +0300
Subject: Re: private/internal db file question...
Message-ID: <20050623194818.GA1145@gothmog.gr>
In-Reply-To: <20050623170639.GB67114@thought.org>

On 2005-06-23 10:06, Gary Kline wrote:
> On Thu, Jun 23, 2005 at 12:36:15PM +0300, Giorgos Keramidas wrote:
> > > zone "db.private" {
> > >         type master;
> > >         file "/etc/namedb/s/db.private";
> > >         allow-query {
> > >                 127.0.0.1/32; 10.0.0.0/8;
> > >         };
> > > };
> > >
> > > zone "db/private.rev" {
> > >         type master;
> > >         file "/etc/namedb/s/db.private.rev";
> > >         allow-query {
> > >                 127.0.0.1/32; 10.0.0.0/8;
> > >         };
> > > };
> >
> > Something is very wrong above.  You're not supposed to use "db.private"
> > (i.e. the name of the _FILE_ that stores the zone records) as the first
> > argument of the "zone" configuration directive.
>
>       I stared at named.conf for ten minutes before seeing what
>       you meant.  I think.  How about
>       ^zone "private"{
>       };
>
>       and
>
>       ^zone "private.rev" {
>       }

Sorry for not being clear enough.  The first (string) argument of the
``zone'' configuration directive is the name of the ``zone''.  What
exactly is a ``zone'' is what you are (probably) more inclined to call a
``domain''.

In your case:

    - "thought.org" *IS* a zone

    - "private" isn't, unless you use names like "laptop.private",
      "hp2300.private", etc. for all the machines of your internal
      network.

    - "private.rev" is one that I bet an arm and a leg cannot and will
      not work, ever.

Reverse zones can only work, AFAIK, if you use the ".IN-ADDR.ARPA"
scheme of naming them, i.e.:

        options {
                directory "/etc/namedb";
                // ...
        };

        zone "0.0.10.in-addr.arpa." {
                type master;
                file "master/db.10.0.0";
                // ...
        };

When a name server (yours, for instance) wants to look up the name (or
names) of the address 10.0.0.1, it transforms the IP address to:

        1.0.0.10.in-addr.arpa.

and starts looking for zones that may match it.  The following will be
looked up, in order:

        1.0.0.10.in-addr.arpa.
        0.0.10.in-addr.arpa.
        0.10.in-addr.arpa.
        10.in-addr.arpa.

>       This is my entry for db.thought.org.  The zone name is simply
>       "thought.org".

That's because this is a "forward resolution", i.e. name => IP address.

To resolve IP addresses, the name servers use the zone names I listed
above in their lookups.  By naming your zone "private.rev", you pretty
much guarantee that no name server will be able to resolve IP addresses
to host names for your "private" network.

- Giorgos
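
The lookup order described in the message above, as an added example that is not part of the original post and is not BIND's own code: it builds the in-addr.arpa name for an IPv4 address, lists the candidate zone names most specific first, and picks the closest match from a list of configured zone names. The function names and the two sample zone lists are assumptions constructed for illustration.

```python
import ipaddress


def reverse_name(addr):
    """Fully qualified PTR owner name for an IPv4 address."""
    return ipaddress.IPv4Address(addr).reverse_pointer + "."


def candidate_zones(addr):
    """Zone names that could hold the PTR record, most specific first."""
    labels = reverse_name(addr).rstrip(".").split(".")
    # Four candidates for IPv4: the host name itself, then the /24, /16
    # and /8 zones. The bare "in-addr.arpa." suffix is not a candidate.
    return [".".join(labels[i:]) + "." for i in range(len(labels) - 2)]


def normalize(zone):
    """Zone names compare case-insensitively; force one trailing dot."""
    return zone.lower().rstrip(".") + "."


def serving_zone(addr, configured):
    """Closest enclosing configured zone for addr's PTR name, or None."""
    known = {normalize(z) for z in configured}
    for cand in candidate_zones(addr):
        if cand in known:
            return cand
    return None


# Constructed sample input: zone names as they would appear as the first
# argument of each zone statement in named.conf.
PROPOSED = ["thought.org", "private", "private.rev"]
CORRECTED = ["thought.org", "0.0.10.in-addr.arpa."]

if __name__ == "__main__":
    for label, zones in (("proposed", PROPOSED), ("corrected", CORRECTED)):
        print(label, "->", serving_zone("10.0.0.1", zones))
```

With the proposed names no candidate ever matches, so the reverse lookup for 10.0.0.1 finds no zone; with the in-addr.arpa name the second candidate matches.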