[This message has also been posted to linux.debian.user.]
In article <[EMAIL PROTECTED]>, Andrew Critchlow wrote:
>
> Hi everyone, Anyone good with Bind?

Yeah, the guy who packages it for Debian.

> I was wondering that if I set up a dns server just for local hosts
> would I have to include forwarders to the ISP dns servers for
> internet lookup?

If you don't, your BIND is going to be querying the root servers to find out who's authoritative for .com all the time. That's abusive, if your ISP even lets you do it.

> Also does anyone know how I could configure a caching-only
> nameserver? thanks

    apt-get install bind9 bind9-host
    dpkg-reconfigure bind9

Or something like that. Let Debian do it.

You might want to put something in netfilter so the general public doesn't use your BIND as their forwarder. Block INPUT to port 53. Then unblock INPUT to port 53 for networks where your friends are.

Here's a more interesting problem. Say I've got about six thousand CIDR rules for rbldnsd. (Meaner than sbl-xbl, more useful than SPEWS.) I like what it does for Postfix and I want to keep it. Now say I want to run BIND on the same interface at the same IP address, so I can be authoritative for a few domains as well.

Is there a clever way to make BIND be a forwarder for rbldnsd? Is this ridiculous wrt performance? Perhaps have rbldnsd listen on a weird port and have BIND query it on some private address via port forwarding?

Cameron
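
The netfilter restriction described in the reply above, as an added example that is not part of the original post: a script that prints iptables commands allowing port 53 from trusted networks and dropping everything else. The function names `is_ipv4_cidr` and `dns_rules` and the network ranges are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Network ranges are constructed placeholders.

# Succeed only if $1 is a well-formed IPv4 CIDR such as 192.168.1.0/24.
is_ipv4_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case "$addr" in ''|*[!0-9.]*) return 1 ;; esac
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print rules for DNS over UDP and TCP. netfilter applies the first
# matching rule, so every ACCEPT is emitted before the final DROP.
# Replies to BIND's own upstream queries arrive on an ephemeral
# destination port and are not matched by --dport 53.
dns_rules() {
    for net in "$@"; do
        is_ipv4_cidr "$net" || { echo "bad network: $net" >&2; return 1; }
    done
    for proto in udp tcp; do
        # Keep resolvers on this host working via loopback.
        echo "iptables -A INPUT -i lo -p $proto --dport 53 -j ACCEPT"
    done
    for net in "$@"; do
        for proto in udp tcp; do
            echo "iptables -A INPUT -p $proto -s $net --dport 53 -j ACCEPT"
        done
    done
    for proto in udp tcp; do
        echo "iptables -A INPUT -p $proto --dport 53 -j DROP"
    done
}

# Constructed sample: one LAN and one documentation-range network.
dns_rules 192.168.1.0/24 198.51.100.0/24
```

The script only prints the commands so they can be reviewed; piping the output to `sh` as root applies them.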