From owner-freebsd-newbies@FreeBSD.ORG Tue Sep 14 19:48:00 2004 Return-Path: Delivered-To: freebsd-newbies@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A81A316A4CE for ; Tue, 14 Sep 2004 19:48:00 +0000 (GMT) Received: from fidel.freesurf.fr (fidel.freesurf.fr [212.43.206.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id D0C6743D3F for ; Tue, 14 Sep 2004 19:47:59 +0000 (GMT) (envelope-from olivier@gautherot.net) Received: from [212.43.209.94] (du-209-94.nat.adsl.claranet.fr [212.43.209.94]) by fidel.freesurf.fr (Postfix) with ESMTP id BA0502A4902; Tue, 14 Sep 2004 21:47:58 +0200 (CEST) Message-ID: <41474AEA.2020707@gautherot.net> Date: Tue, 14 Sep 2004 21:47:54 +0200 From: Olivier Gautherot User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20040812 X-Accept-Language: en-us, en MIME-Version: 1.0 To: jmlewis@dslextreme.com, freebsd-newbies@freebsd.org References: <459caf8e8a2706aceb8a.20040914110554.wzyrjvf@www.dslextreme.com> In-Reply-To: <459caf8e8a2706aceb8a.20040914110554.wzyrjvf@www.dslextreme.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: DNS config problems X-BeenThere: freebsd-newbies@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Gathering place for new users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Sep 2004 19:48:00 -0000 Greetings Joshua! In short, a magical wand and a cast should get you sorted out... unless you ask for a more scientific approach on the freebsd-questions list ;-) Sorry, obligatory disclaimer... :-) Joshua Lewis wrote: >I don't think I have set up Bind9 correctly and I was hoping someone could >point out any mistakes I may have made. I have tried to follow the >examples in the handbook. I even bought DNS and BIND from O'riley. > > So you're definitely the wizard on this list... :-) >I don't really know how to troubleshoot a DNS issue yet. I know of the >tools I just don't understand them yet. I have a MS DNS server running >fine as my secondary and when I try to troubleshoot it I can't tell if I >am getting a response from my MS system or my FBSD system. > > A command you can try is traceroute, which will show you what your system does to resolve the name. nslookup should also give you some valuable inputs. >Should I post my config info here or is that just a real bad idea? I mean >anyone can get what they want from the internet I just don't know if >posting it here is like inviting someone to crack my system. > > Again, I would advise to do it on a more expert list if you decide to do so (although it is probably wiser to send it on request). >Also I currently only have one FreeBSD system. I am trying to run multiple >services on this one system Mail, DNS, WWW, SQL. It is a pretty beefy >system and will have no problem handling the load. I just want to hide the >hostname of the system when I can. I only have the one customer hitting >the system and it is a real small company. This system is overkill for >them so I am trying to utilize the system to the best of my ability. I >know in a perfect world I should have them each running on separate >systems however that is not feasible right now. I was thinking of getting >some old P1 systems and moving DNS over to that. Any other recommendations >are welcome. > > I have an old 486 motherboard sitting around if you wish... :-) Seriously, one thing you can do is set up some jails for your mail and WWW (possibly SQL too). This way, if someone hacks you web server, the rest of you system should remain safe. Just make Apache claim it is running on a Windows machine and, by the time the hackers find out that it was a joke, they will probably be sitting in a psychiatric hospital after a nervous breakdown :-) Cheers Olivier