On 2011-04-08 21:58 Patrick Rynhart wrote:
>I am new to using BIND and thought that I would start by setting up a
>caching-only name server on a VM running CentOS 5.5. While in this
>mode, my understanding is that named should be passively listening for
>any DNS requests that are resolved and be adding them to its local DB.
>
>Adding localhost to /etc/resolv.conf shouldn't be necessary in order for
>entries to be added to the DB but obviously required if you want to make
>use of the DNS caching.
>
>What I'm observing is that any DNS requests that are resolved aren't
>being added to the DB - i.e. the result of "rndc dumpdb" is always
>empty. My named.conf file is as posted inline below; this is a vanilla
>named.caching-nameserver.conf (as packaged by CentOS) aside from my
>adding the VMWare subnet 192.168.239.0/24 which my VM is on. I also
>post the output of "named -g" along with named.local below.

You say you successfully perform queries on that box. How are you doing this?

dig something @localhost
dig something
ping something

The last two might not work, as they ask the resolver for that box, which is
configured in resolv.conf and might not be localhost.
The first is guaranteed to ask this bind.

Also, see below for remarks on your configuration.

>named.conf
>----------
>
>options {
>    listen-on port 53 { 127.0.0.1; 192.168.239.0/24; };

192.168.239.0 should be a single address, not a range. It's the address bind
listens on, not the one it can receive queries from.

>    //listen-on-v6 port 53 { ::1; };
>    directory "/var/named";
>    dump-file "/var/named/data/cache_dump.db";
>    statistics-file "/var/named/data/named_stats.txt";
>    memstatistics-file "/var/named/data/named_mem_stats.txt";
>
>    // Those options should be used carefully because they
>    // disable port randomization
>    query-source port 53;
>    query-source-v6 port 53;
>
>    allow-query { localhost; 192.168.239.0/24; };
>    allow-query-cache { localhost; 192.168.239.0/24; };
>};
>logging {
>    channel default_debug {
>        file "data/named.run";
>        severity dynamic;
>    };
>};
>view localhost_resolver {
>    match-clients { localhost; 192.168.239.0/24;};
>    match-destinations { localhost; 192.168.239.0/24;};
>    recursion yes;
>    include "/etc/named.rfc1912.zones";
>};

Are you sure you need a view? This one here doesn't seem to add anything, and
it does seem strange. You specify here that clients from your local IP subnet
that ask for names in your local IP subnet can ask recursive queries, and have
some pretty standard zones. My guess would be that it won't require recursive
queries.
And if you want to limit who can use your server recursively, it's better to use
options { allow-recursion { 192.168.239.0/24; }; };

Regards,
Torinthiel
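
The reply's suggestions applied to the posted options block, as an added example that is not part of the original thread or of the CentOS package. The address 192.168.239.10 and the ACL name "trusted" are constructed placeholders; the fixed `query-source` lines are left out because, as the quoted file's own comment says, they disable port randomization.

```conf
// Added example: caching-only resolver limited to the local subnet.
// "trusted" is a hypothetical ACL name; 192.168.239.10 stands in for
// the VM's own interface address, which the thread does not give.
acl "trusted" {
    localhost;
    192.168.239.0/24;
};

options {
    // Single addresses, as the reply recommends for listen-on.
    listen-on port 53 { 127.0.0.1; 192.168.239.10; };

    directory          "/var/named";
    dump-file          "/var/named/data/cache_dump.db";
    statistics-file    "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // No "query-source port 53;" here: without a fixed port, named
    // picks the source port for outgoing queries itself.

    // Who may query, read cached answers, and recurse.
    recursion yes;
    allow-query       { trusted; };
    allow-query-cache { trusted; };
    allow-recursion   { trusted; };
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

// Standard local zones, included at top level instead of inside a view.
include "/etc/named.rfc1912.zones";
```

Running `named-checkconf` on the file before restarting named catches syntax errors, and `dig something @localhost` followed by `rndc dumpdb` exercises the cache as described in the reply.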