From owner-freebsd-questions@FreeBSD.ORG Sun Jan 14 22:56:46 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 115F616A407 for ; Sun, 14 Jan 2007 22:56:46 +0000 (UTC) (envelope-from derek@computinginnovations.com) Received: from betty.computinginnovations.com (dsl081-227-250.chi1.dsl.speakeasy.net [64.81.227.250]) by mx1.freebsd.org (Postfix) with ESMTP id 47A9213C428 for ; Sun, 14 Jan 2007 22:56:42 +0000 (UTC) (envelope-from derek@computinginnovations.com) Received: from p28.computinginnovations.com (dhcp-10-20-30-100.computinginnovations.com [10.20.30.100]) (authenticated bits=0) by betty.computinginnovations.com (8.13.6/8.12.11) with ESMTP id l0EMuH27059757; Sun, 14 Jan 2007 16:56:18 -0600 (CST) Message-Id: <6.0.0.22.2.20070114165429.025c5068@mail.computinginnovations.com> X-Sender: derek@mail.computinginnovations.com X-Mailer: QUALCOMM Windows Eudora Version 6.0.0.22 Date: Sun, 14 Jan 2007 16:56:04 -0600 To: "Reko Turja" , "Nate Peck" , From: Derek Ragona In-Reply-To: <02fc01c73803$0644d4a0$0a0aa8c0@rivendell> References: <7ddd53320701140839t65f5b005r3b5bbe105c71700e@mail.gmail.com> <02fc01c73803$0644d4a0$0a0aa8c0@rivendell> Mime-Version: 1.0 X-ComputingInnovations-MailScanner-Information: Please contact the ISP for more information X-ComputingInnovations-MailScanner: Found to be clean X-ComputingInnovations-MailScanner-From: derek@computinginnovations.com X-Spam-Status: No Content-Type: text/plain; charset="us-ascii"; format=flowed X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: BIND9 Syntax? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jan 2007 22:56:46 -0000 Once you get the syntax corrected, make sure you are picking up the correct named.conf file by doing: ps -ax| grep name If you don't have /etc/rc.conf setup correctly, you may not be getting the correct named.conf. -Derek At 11:40 AM 1/14/2007, Reko Turja wrote: >----- Original Message ----- From: "Nate Peck" >To: >Sent: Sunday, January 14, 2007 6:39 PM >Subject: BIND9 Syntax? > > >>Dear All, >> >>I've been having trouble with BIND(version 9.3.2-P1), and I'm not sure >>where the problem is. When I try to use nslookup, it spits out: >> >>>server 127.0.0.1 >>Default server: 127.0.0.1 >>Address: 127.0.0.1#53 >>>blue.home.lan >>Server: 127.0.0.1 >>Address: 127.0.0.1#53 >> >>** server can't find blue.home.lan: SERVFAIL >> >>I have my server(blue.home.lan), set up on a LAN. >> >>These are my config files: >> >>db.home.lan: >>$TTL 3h >>home.lan. IN SOA blue.home.lan. ( >> 1 ; Serial >> 3h ; Refresh after 3 hours >> 1h ; Retry after 1 hour >> 1w ; Expire after 1 week >> 1h ) ; Negative caching TTL of 1 hour > > >And you can define the SOA to be home.lan. >Missing the email address of responsible administrator - should be like: > >home.lan. IN SOA home.lan. email.blue.home.lan > ^^^^^^^^^^^^^^^^^^^ > >Notice that first dot only in email-address is substituted by @ > >Usually a good idea is naming the serial like 2007011401 - year, month, >day and serial is easier that way in the long run :) > >>named.conf: >>options { > >If this was public I would consider adding either a recursion no; or >allow-recursion {}; clauses in options in order to avoid some attack >techniques utilizing nameservers. > >>zone "." IN { >> type hint; >> file "named.ca"; >>}; > >You have moved the named.root into named.ca? > >No need for IN in these either. > >> >>zone "localhost" IN { >> type master; >> file "pri/localhost.zone"; >> allow-update { none; }; >> notify no; >>}; > >Again if public, I would add allow-transfer rules to allow the full dump >of domains in questions only at appropriate peering servers. Maybe >allow-query { any; }; for every domain as well. > >I might have missed some bugs at cursory glance, but these should help to >get you started. > >-Reko > >(By the way Greg Leheys nowadays publicly available book about FreeBSD has >pretty good walkthrough about basic nameserver configuration) >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > >-- >This message has been scanned for viruses and >dangerous content by MailScanner, and is >believed to be clean. >MailScanner thanks transtec Computers for their support. > -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support.