Date: Sat, 24 Mar 2001 14:46:32 +0100 From: Len Conrad <LConrad@Go2France.com> To: freebsd-questions@FreeBSD.ORG Subject: Re: DNS Part II Message-ID: <5.0.0.25.0.20010324063333.0550dd40@mail.Go2France.com> In-Reply-To: <3ABC25D6.4050201@optonline.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>mail services just for my little lan. I used the o'reilly dns book >to aid me. With everything done, nameresolution did what it was >supposed to do. I noticed that there were multiple queries going >out on the net to the root servers. I didn't want that to happen, why not? how else do you expect your NS to navigate the domain namespace? Your DNS was doing iterative queries to the root and lower servers to resolve the recursive query from your LAN. >(didn't know if it was illegal or proper). legal and proper >I changed my db.cache file to just say that my box was the "root" >server. Now that solved the multiple queries going to the root >servers, but now Im unable to "nslookup" outside my lan, but yet I >can still surf, send email, etc... so don't be a root server Use dig rather than nslookup, or least use the latest ISC lookup in BIND 8.2.3 which no longer requires a PTR record for the NS being used. >My resolve.conf file specifies to use my nameserver first and then >my ISP's primary then secondary. that's fine for when your LAN NS is unreachable >Am I going about things wrongly. Is it even possible to have a >private dns box where it resolves for the lan To resolve for the LAN, your LAN's boxes have to be in a (private, internal) zone for which your DNS is authoritative. Have you set up a "private" zone for your LAN with your NS as authoritative for it, something private and non-conflictual like mydomain.trini ? >and if queries aren't found there, to go and query my ISP's name servers?? The forwarding setup works, too, but it's not the only way. It does have the advantage of less traffic on your internet link it the latter is a dial-up modem, but is not really much advantage if you have hi-speed link such as cable or DSL. Len http://MenAndMice.com/DNS-training : In Austin, TX; SFO, CA; Paris, FR http://BIND8NT.MEIway.com : ISC BIND 8.2.3 "NT3" for NT4 & W2K http://IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.0.25.0.20010324063333.0550dd40>