From owner-freebsd-questions  Tue Jan  4  2:35:54 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from ducky.nz.freebsd.org (chilled.unixathome.org [203.79.82.27])
	by hub.freebsd.org (Postfix) with ESMTP id E85F714C81
	for <freebsd-questions@freebsd.org>; Tue,  4 Jan 2000 02:35:50 -0800 (PST)
	(envelope-from dan@freebsddiary.org)
Received: from wocker (wocker.int.nz.freebsd.org [192.168.0.99])
	by ducky.nz.freebsd.org (8.9.3/8.9.3) with ESMTP id XAA56537
	for <freebsd-questions@freebsd.org>; Tue, 4 Jan 2000 23:35:38 +1300 (NZDT)
Message-Id: <200001041035.XAA56537@ducky.nz.freebsd.org>
From: "Dan Langille" <dan@freebsddiary.org>
Organization: The FreeBSD Diary
To: freebsd-questions@freebsd.org
Date: Tue, 4 Jan 2000 23:35:24 +1300
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: two copies of bind or two name servers?
Reply-To: dan@freebsddiary.org
X-mailer: Pegasus Mail for Win32 (v3.12a)
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At present, I'm running all of my zones on a single instance of bind.  But 
I don't like that.  I have internal zones which I don't want the outside 
world to know about.  I have restricted access by using allow-transfer 
and allow-query but I want more separation.

I tried running two instances of bind on the same box by using the listen-
on option.  When I start the first instance of bind I get:

named[56043]: listening on [192.168.1.1].53 (ed0)
named[56043]: Forwarding source address is [0.0.0.0].53

The second one gives:

named[56046]: ctl_server: bind: Address already in use
named[56046]: listening on [192.168.0.20].53 (ed1)
named[56046]: opensocket_f: bind([0.0.0.0].53): Address already in use

I don't understand why it is trying to listen on 0.0.0.0.  Any clues?

I'm now beginning to think that a better solution is to have two name 
servers.  One servicing external requests, the other servicing internal 
requests.  The external one would be non-recursive.  The internal one 
would be rescursive.  Does that make sense?

cheers
--
Dan Langille - DVL Software Limited [I'm looking for more work]
The FreeBSD Diary     - http://www.freebsddiary.org/freebsd/
NZ FreeBSD User Group - http://www.nzfug.nz.freebsd.org/
The Racing System     - http://www.racingsystem.com/racingsystem.htm
unix @ home           - http://www.unixathome.org/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message