Date: Mon, 27 Jan 2003 18:39:34 -0500
From: Louis LeBlanc <leblanc+freebsd@keyslapper.org>
To: FreeBSD Questions <freebsd-questions@FreeBSD.ORG>
Subject: Re: Caching nameserver question - I need a spot here . . .
Message-ID: <20030127233934.GA7292@keyslapper.org>
In-Reply-To: <1043706135.13652.101.camel@localhost>
References: <20030127221529.GB36301@keyslapper.org> <1043706135.13652.101.camel@localhost>

On 01/27/03 10:22 PM, Stacey Roberts sat at the `puter and typed:
> Hi Louis,
>
> On Mon, 2003-01-27 at 22:15, Louis LeBlanc wrote:
> > Hey all.  I'm finally getting around to setting up a caching dns
> > server.  Pretty confusing from my angle.
> >
> > Here's what I have so far:
> > named enabled in /etc/rc.conf
> > cd to /etc/namedb and run sh make-localhost
> >
> > and the following in /etc/namedb/named.conf:
> >
> > options {
> >     directory "/etc/namedb";
> >     forward first;
> >     forwarders {
> >         151.203.0.84;
> >         151.202.0.84;
> >     };
> >     listen-on { 10.8.20.5; };
> >     version "surely you must be joking"
> >     query-source address * port 53;
> > };
> >
> >
> > zone "." {
> >     type hint;
> >     file "named.root";
> > };
> >
> > zone "0.0.127.IN-ADDR.ARPA" {
> >     type master;
> >     file "localhost.rev";
> > };
> >
> >
> > 10.8.20.5 is the interface to the internal network, and I'm hoping the
> > listen-on statement above will restrict requests to the internal
> > network - And from the local machine if I simply add that IP to
> > /etc/resolv.conf.  The IPs in the forwarders block are my ISP's dns
> > servers.
> >
> > Anyone care to point out my mistakes so I don't go making an ass of
> > myself by turning on named with a broken config?
>
> I once had a similar set up as what you've described as your intention
> here. I'll not critique what you've done, but I'll point you to the
> handbook, which has a complete section on DNS and mentions what needs to
> be done to set up a basic caching nameserver - it's here:
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/dns.html
>
> Hope this assists in some way. Lots of luck!

I probably should have mentioned this, but that page is exactly how I
got this far in the first place.  Section 10.9.7 (Caching Name Server)
says only this:

    A caching name server is a name server that is not authoritative
    for any zones. It simply asks queries of its own, and remembers
    them for later use. To set one up, just configure the name server
    as usual, omitting any inclusions of zones.

So I guess my main question is do the following default zones violate
that statement, or are they exceptions?

    zone "." {
        type hint;
        file "named.root";
    };

    zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "localhost.rev";
    };

And, what about the Options section?  Am I understanding the use of the
forwarders, forward first, and listen-on directives correctly?

I have put some effort into this, and the configuration above is the
result of that effort, so I'm not asking anyone to do it for me.
However, I know there have been more than a few people who have started
out intending only to set up a basic internal service of some kind, only
to have their mistakes cause trouble externally.  I've been there
myself, and I'm just trying this once to avoid that one step commonly
referred to as 'making an ass of yourself.'  Particularly since screwing
with the ISP's dns service availability isn't exactly smiled upon.

Thanks
Lou
-- 
Louis LeBlanc               leblanc@keyslapper.org
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org

life, n.:
  That brief interlude between nothingness and eternity.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030127233934.GA7292>
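
An added example, not part of the original message or of the FreeBSD handbook: a caching-only named.conf for the setup described above, in which listen-on is paired with address-match lists. listen-on only selects the local addresses named binds to, while allow-query and allow-recursion decide which client source addresses get answers. The acl name "internal" and the 10.8.20.0/24 prefix are assumptions; the message gives only the host address 10.8.20.5.

```bind
// Added example. "internal" and 10.8.20.0/24 are assumed values,
// chosen to contain the 10.8.20.5 address from the message.
acl "internal" {
    127.0.0.1;
    10.8.20.0/24;
};

options {
    directory "/etc/namedb";

    // Bind the listening sockets to loopback and the internal address only.
    listen-on { 127.0.0.1; 10.8.20.5; };

    // Interface selection is not client filtering: these statements
    // refuse queries and recursion from any source outside the acl,
    // even if a packet reaches one of the listening addresses.
    allow-query     { "internal"; };
    allow-recursion { "internal"; };
    allow-transfer  { none; };

    // Try the forwarders first, fall back to the root hints if they fail.
    forward first;
    forwarders {
        151.203.0.84;
        151.202.0.84;
    };

    // Every statement inside options ends with a semicolon.
    version "surely you must be joking";

    // query-source is left out here; pinning outbound queries to port 53
    // is only needed when a firewall in the path requires it.
};

// The hint zone and the loopback reverse zone are the stock zones a
// caching server carries; no other zones are defined.
zone "." {
    type hint;
    file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
    type master;
    file "localhost.rev";
};
```

With this layout the local machine can use either 127.0.0.1 or 10.8.20.5 in /etc/resolv.conf, since both are listening addresses and both fall inside the acl.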