From owner-freebsd-stable@FreeBSD.ORG Tue Jul 17 08:16:03 2007 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4EF1516A404 for ; Tue, 17 Jul 2007 08:16:03 +0000 (UTC) (envelope-from lofi@freebsd.org) Received: from mail-in-15.arcor-online.net (mail-in-15.arcor-online.net [151.189.21.55]) by mx1.freebsd.org (Postfix) with ESMTP id 4B7D213C4B3 for ; Tue, 17 Jul 2007 08:16:02 +0000 (UTC) (envelope-from lofi@freebsd.org) Received: from mail-in-01-z2.arcor-online.net (mail-in-01-z2.arcor-online.net [151.189.8.13]) by mail-in-15.arcor-online.net (Postfix) with ESMTP id 73240442E2; Tue, 17 Jul 2007 10:20:42 +0200 (CEST) Received: from mail-in-04.arcor-online.net (mail-in-04.arcor-online.net [151.189.21.44]) by mail-in-01-z2.arcor-online.net (Postfix) with ESMTP id 594D213EF01; Tue, 17 Jul 2007 10:16:01 +0200 (CEST) Received: from lofi.dyndns.org (dslb-084-061-176-190.pools.arcor-ip.net [84.61.176.190]) by mail-in-04.arcor-online.net (Postfix) with ESMTP id 01DE21BF387; Tue, 17 Jul 2007 10:16:00 +0200 (CEST) Received: from kiste.my.domain (root@kiste.my.domain [192.168.8.15]) by lofi.dyndns.org (8.13.8/8.13.3) with ESMTP id l6H86YWv004218 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 17 Jul 2007 10:06:35 +0200 (CEST) (envelope-from lofi@freebsd.org) Received: from kiste.my.domain (lofi@localhost [127.0.0.1]) by kiste.my.domain (8.14.1/8.13.4) with ESMTP id l6H86YT9004711; Tue, 17 Jul 2007 10:06:34 +0200 (CEST) (envelope-from lofi@freebsd.org) Received: by kiste.my.domain (8.14.1/8.13.4/Submit) id l6H86YFp004708; Tue, 17 Jul 2007 10:06:34 +0200 (CEST) (envelope-from lofi@freebsd.org) X-Authentication-Warning: kiste.my.domain: lofi set sender to lofi@freebsd.org using -f From: Michael Nottebrock To: Volker Date: Tue, 17 Jul 2007 10:06:31 +0200 User-Agent: KMail/1.9.7 References: <200707162319.41724.lofi@freebsd.org> <200707170920.24692.lofi@freebsd.org> <469C724F.1030400@vwsoft.com> In-Reply-To: <469C724F.1030400@vwsoft.com> X-Face: g:jG2\O{-yqD1x?DG2lU1)(v%xffR"p8Nz(w/*)YEUO\Hn%mGi&-!+rq$&r64,=?utf-8?q?fuP=7E=3Bbw=5C=0A=09=5EQdX?=@v~HEAi?NaE8SU]}.oeYSjN84Fe{M(ahZ.(i+lxyP; pr)2[%mGbkY'RmM>=?utf-8?q?+mg3Y=24ip=0A=091?=@Z>[EUaE7tjJ=1DRs~:!uSd""d~:/Er3rpQA%ze|bp>S MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2302559.jWhKoKUfrP"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200707171006.32059.lofi@freebsd.org> X-Virus-Scanned: by amavisd-new X-Virus-Scanned: ClamAV version 0.91.1, clamav-milter version 0.91.1 on mail-in-04.arcor-online.net X-Virus-Status: Clean Cc: dougb@freebsd.org, freebsd-stable@freebsd.org, Yuri Pankov Subject: Re: Problems with named default configuration in 6-STABLE X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jul 2007 08:16:03 -0000 --nextPart2302559.jWhKoKUfrP Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tuesday, 17. July 2007, Volker wrote: > On 07/17/07 09:20, Michael Nottebrock wrote: > > On Tuesday, 17. July 2007, Yuri Pankov wrote: > >> On Mon, Jul 16, 2007 at 11:19:41PM +0200, Michael Nottebrock wrote: > >>> I finally updated my desktop from 5.5-RELEASE to 6-STABLE. This got me > >>> a new named.conf, which I modified to run named as a local resolver, > >>> like I had before: > >>> > >>> listen-on { 127.0.0.1; }; > >>> listen-on-v6 { ::1; }; > >>> forward only; > >>> forwarders { > >>> 192.168.8.1; > >>> }; > >>> > >>> Everything else is default. However, with this default configuration, > >>> named will not resolve any hosts of my local domain (my.domain), which > >>> uses addresses in the 192.168.8 subnet. My dns server on 192.168.8.1, > >>> running 6.2-RELEASE, has a very simple dynamic dns setup: a zone > >>> "my.domain" and a reverse zone 8.168.192.in-addr.arpa which are both > >>> dynamically updated by dhcpd. > >>> > >>> To make this work again, I had to delete everything in the default > >>> named.conf from "/* Slaving the following zones from the root > >>> [...]" to "zone "ip6.int" { type master; > >>> file "master/empty.db"; };". > >>> > >>> I'm a DNS n00b, but I suspect that such drastic measures shouldn't be > >>> required and somehow my setup is flawed. What can I do to make this > >>> work right? > >>> > >>> > >>> Cheers, > >>> -- > >>> ,_, | Michael Nottebrock | lofi@freebsd.org > >>> (/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org > >>> \u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org > >> > >> Hi Michael, > >> > >> If I understood you correctly, you can't resolve 8.168.192.in-addr.arpa > >> anymore, and the line below (from default named.conf) is the cause: > >> > >> zone "168.192.in-addr.arpa" { type master; file "master/empty.db"; }; > > > > Yes - and this: > > > > zone "." { > > type slave; > > The root zone MUST be of type hint. You do not want to be a slave of > the root... don't you? ;) The new default configuration of named wants me to be. But now that you've mentioned it, I finally saw the following lines in the= =20 default named.conf: =2D-- If you do not wish to slave these zones from the root servers use the entry below instead. zone "." { type hint; file "named.root"; }; =2D-- I scanned over that before, but being a DNS n00b, I didn't understand what = it=20 meant. So, that solves that. Still, quite a bit of editing required:=20 Commenting out the slaved root zone, moving out the root servers hint out o= f=20 a comment and commenting out the empty zone for my private use network to=20 make reverse lookups work again. I think at least an UPDATING entry and maybe some more verbose and less=20 technical commenting in named.conf itself is warranted. =2D-=20 ,_, | Michael Nottebrock | lofi@freebsd.org (/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org \u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org --nextPart2302559.jWhKoKUfrP Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQBGnHiIXhc68WspdLARAuSHAKCk7dskkSAzlAiquA48iGvGf+B88ACeOoj4 XfDcTp42hWrF4RFOnG1jE8c= =bto6 -----END PGP SIGNATURE----- --nextPart2302559.jWhKoKUfrP--