From owner-freebsd-chat Wed Feb 16 11:11:24 2000
From: Terry Lambert
Message-Id: <200002161911.MAA17319@usr02.primenet.com>
Subject: Re: Nuovo DNS
To: gmarco@scotty.masternet.it (Gianmarco Giovannelli)
Date: Wed, 16 Feb 2000 19:11:02 +0000 (GMT)
Cc: chat@FreeBSD.ORG
In-Reply-To: <38AA8642.2E09B5E2@scotty.masternet.it> from "Gianmarco Giovannelli" at Feb 16, 2000 12:13:06 PM

This really belongs on questions, and it really belongs on DNS
questions rather than on FreeBSD questions.

> As you know, the new DNS accepts a TTL parameter for each host in a
> single zone; if it doesn't find one, it generates a warning:
>
> So the problem is converting an old-style file (e.g. for an
> intranet):
>
> ######### OLD STYLE
> cofinco.it.     IN SOA gmarco.cofinco.it. gmarco.freebsd.cofinco.it. (
>                 1999121301 ; serial
>                 10800 ; Refresh
>                 3600 ; Retry
>                 604800 ; Expire
>                 86400) ; Minimum TTL
>
>                 IN MX 10 freebsd.cofinco.it.
>                 IN A 192.168.0.1
>
>
> cofinco.it.     IN NS 192.168.0.1
> cofinco.it.     IN NS 151.99.150.6
> cofinco.it.     IN NS 194.184.65.2
>
> freebsd         IN A 192.168.0.1
> lombardo        IN A 192.168.0.101
> daniela         IN A 192.168.0.102
> empty1          IN A 192.168.0.103
> rachele         IN A 192.168.0.104
> leo             IN A 192.168.0.105
> ornella         IN A 192.168.0.106
> luigi           IN A 192.168.0.107
>
> ######### NEW STYLE
>
> cofinco.it.     86400 IN SOA gmarco.cofinco.it.
> gmarco.freebsd.cofinco.it. (
>
>                 1999121301 ; serial
>                 10800 ; Refresh
>                 3600 ; Retry
>                 604800 ; Expire
>                 86400) ; Minimum TTL
>
>                 86400 IN MX 10 freebsd.cofinco.it.
>                 86400 IN A 192.168.0.1
>
>
> cofinco.it.     86400 IN NS 192.168.0.1
> cofinco.it.     86400 IN NS 151.99.150.6
> cofinco.it.     86400 IN NS 194.184.65.2

You can't really do this. 192.168 is a non-routable class C network,
so you aren't going to get an authoritative answer from either of your
external name servers.

You are really probably trying to either get "views", which you can't
currently have, where a local lookup failure results in a relookup in
an external DNS server. This is useful for a split horizon DNS server,
but will not be available until bind 9 (see for details), OR you are
trying to get backup nameservers listed.

For the "new" format, it should probably be:

---------------------------------------------------------
@       IN SOA cofinco.it. gmarco.cofinco.it. (
                1999121301 ; Serial number
                10800 ; Refresh interval
                3600 ; Retry interval
                604800 ; Expiration
                86400 ) ; Minimum
; Nameserver List
        IN NS freebsd.cofinco.it.
; Domain Address
        IN A 192.168.0.1
gmarco  IN A 192.168.0.1
---------------------------------------------------------

And so on.

If you are trying to run split horizon (e.g. this is a dial-on-demand
Internet connection with a local network behind FreeBSD running as a
NAT box), then you will need to get more complicated in your setup.

Specifically, you will have to run two DNS servers, one interior and
one exterior, and you will have to specify the addresses to which they
are bound. If you are using dynamic IP, you will have to wait to start
the exterior server as part of your linkup script. There are
directions on how to do this in the O'Reilly BIND book.

For the interior named.boot file, you will need to add something like:

---------------------------------------------------------
options {
        directory "/var/dns-interior";
        listen-on { 127.0.0.1; 192.168.1.1; };
        // only define this after the link is up, and point it
        // to the nameserver bound to the link up address, if you
        // are using a dynamic IP address.
        forwarders { xxx.xxx.xxx.xxx; };
};

zone "127.in-addr.arpa" {
        type master;
        file "named.rev.127";
};

zone "0.168.192.in-addr.arpa" {
        type master;
        file "named.rev.0.168.192";
};
---------------------------------------------------------

> Now, doing this by hand is fine for one domain, but if you have about
> 480 zones to modify it can get tedious.
> Since this problem should be common to many people, has anyone
> already written an awk/perl/sh script to convert the files?
>
> Otherwise I'll get to work :-)

You could maybe use a scripted interface. Personally, I would either
regenerate the data and kick the named(s).

The problem with scripting calls to DNSUPDAT is that the ACLs are based
on IP address and not certificate. This would allow you to update the
interior DNS, but, not knowing the exterior IP address beforehand, you
will be screwed.

PS: My Italian reading skills are hellaciously rusty, so I may not be
answering the exact question you are asking; if not, please ignore the
response. 8-).

Terry Lambert
terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.
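
An added example, not part of the original message or of either poster's code: one way to handle the bulk conversion asked about in the quoted question. It assumes the zone-level `$TTL` directive from RFC 2308 is acceptable in place of the per-record TTLs in the quoted "NEW STYLE" attempt; the function names and the sample zone are constructed for illustration.

```python
import re
import sys

# Constructed sample: an old-style zone file modeled on the one quoted above.
SAMPLE_ZONE = """\
cofinco.it.  IN SOA gmarco.cofinco.it. gmarco.freebsd.cofinco.it. (
        1999121301 ; serial
        10800      ; Refresh
        3600       ; Retry
        604800     ; Expire
        86400 )    ; Minimum TTL
             IN MX 10 freebsd.cofinco.it.
freebsd      IN A 192.168.0.1
"""

def strip_comment(line):
    """Drop a ';' comment, leaving ';' inside double quotes (TXT data) alone."""
    out, quoted = [], False
    for ch in line:
        if ch == '"':
            quoted = not quoted
        elif ch == ';' and not quoted:
            break
        out.append(ch)
    return "".join(out)

def soa_minimum(zone_text):
    """Return the SOA minimum field, the last of the five SOA numbers."""
    tokens = []
    for line in zone_text.splitlines():
        bare = strip_comment(line).replace("(", " ( ").replace(")", " ) ")
        tokens.extend(bare.split())
    upper = [t.upper() for t in tokens]
    if "SOA" not in upper:
        raise ValueError("no SOA record found")
    # After SOA: MNAME, RNAME, then serial, refresh, retry, expire, minimum.
    fields = [t for t in tokens[upper.index("SOA") + 1:] if t not in ("(", ")")]
    if len(fields) < 7:
        raise ValueError("truncated SOA record")
    return fields[6]

def add_default_ttl(zone_text):
    """Prepend '$TTL <SOA minimum>' unless the file already has a $TTL line."""
    if re.search(r"^\$TTL\b", zone_text, re.MULTILINE | re.IGNORECASE):
        return zone_text  # already converted, so repeated runs change nothing
    return "$TTL {}\n{}".format(soa_minimum(zone_text), zone_text)

if __name__ == "__main__":
    # Usage (hypothetical file name): python add_ttl.py old.zone > new.zone
    for path in sys.argv[1:]:
        with open(path) as fh:
            sys.stdout.write(add_default_ttl(fh.read()))
```

Reusing the old SOA minimum as `$TTL` keeps the record TTLs the zone effectively had before; under RFC 2308 the SOA minimum field itself is then read as the negative-caching TTL.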