Thanks Derek and Reko!

BIND works, and is resolving.

Nate Peck

On 1/14/07, Derek Ragona <[EMAIL PROTECTED]> wrote:

 Once you get the syntax corrected, make sure you are picking up the correct
named.conf file by doing:
 ps -ax| grep name

 If you don't have /etc/rc.conf set up correctly, you may not be getting the
correct named.conf.

         -Derek



 At 11:40 AM 1/14/2007, Reko Turja wrote:

----- Original Message ----- From: "Nate Peck" <[EMAIL PROTECTED]>
 To: <freebsd-questions@freebsd.org>
 Sent: Sunday, January 14, 2007 6:39 PM
 Subject: BIND9 Syntax?



Dear All,

 I've been having trouble with BIND (version 9.3.2-P1), and I'm not sure
 where the problem is. When I try to use nslookup, it spits out:


 server 127.0.0.1
 Default server: 127.0.0.1
 Address: 127.0.0.1#53

 blue.home.lan
 Server:         127.0.0.1
 Address:        127.0.0.1#53

 ** server can't find blue.home.lan: SERVFAIL


 I have my server (blue.home.lan) set up on a LAN.

 These are my config files:

 db.home.lan:
 $TTL 3h
 home.lan. IN SOA blue.home.lan. (
                          1        ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 hour

 And you can define the SOA to be home.lan.
 Missing the email address of responsible administrator - should be like:

 home.lan. IN SOA home.lan.  email.blue.home.lan
                            ^^^^^^^^^^^^^^^^^^^

 Notice that only the first dot in the email address is substituted by @

 Usually a good idea is naming the serial like 2007011401 - year, month, day
and serial; it is easier that way in the long run :)


named.conf:
 options {
 If this was public I would consider adding either a recursion no; or
allow-recursion {}; clauses in options in order to avoid some attack
techniques utilizing nameservers.


zone "." IN {
        type hint;
        file "named.ca";
 };
 You have moved the named.root into named.ca?

 No need for IN in these either.



 zone "localhost" IN {
        type master;
        file "pri/localhost.zone";
        allow-update { none; };
        notify no;
 };
 Again, if public, I would add allow-transfer rules to allow the full dump of
domains in question only at appropriate peering servers. Maybe allow-query
{ any; }; for every domain as well.

 I might have missed some bugs at a cursory glance, but these should help to
get you started.

 -Reko

 (By the way, Greg Lehey's nowadays publicly available book about FreeBSD has
a pretty good walkthrough about basic nameserver configuration)
 _______________________________________________
 freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

 --
 This message has been scanned for viruses and
 dangerous content by MailScanner, and is
 believed to be clean.
 MailScanner thanks transtec Computers for their support.
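
Reko's two hardening remarks above (restrict recursion in options, add allow-transfer rules to zones), as an added example that is not part of the original thread: a small Python audit run over a constructed named.conf. The options contents, the home.lan zone stanza, its file path and the peer address are assumptions, since the thread's own file is only partly quoted.

```python
import re

# Constructed sample shaped like the thread's named.conf (its options body is elided there).
SAMPLE_CONF = '''
options { directory "/etc/namedb"; };      // directory value is assumed
zone "." IN { type hint; file "named.ca"; };
zone "localhost" IN {
        type master;
        file "pri/localhost.zone";
        allow-update { none; };
        notify no;
};
zone "home.lan" { type master; file "pri/db.home.lan";   # assumed path
        allow-transfer { 192.0.2.53; }; };               # constructed peer
'''
XFER = r'\ballow-transfer\s*\{'

def strip_comments(text):
    """Drop /* */, // and # comments so they cannot hide or fake a setting."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def top_level_blocks(text):
    """Yield (header, body) for each top-level `header { body };` statement."""
    depth, start = 0, 0
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                header, body_start = text[start:i].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, text[body_start:i]
        elif ch == ';' and depth == 0:
            start = i + 1

def audit(conf):
    """Flag unrestricted recursion and master zones with no transfer rule."""
    blocks = list(top_level_blocks(strip_comments(conf)))
    opts = ' '.join(body for header, body in blocks if header == 'options')
    findings = []
    if not re.search(r'\brecursion\s+no\s*;|\ballow-recursion\s*\{', opts):
        findings.append('options: recursion is not restricted')
    for header, body in blocks:
        is_master = header.startswith('zone') and re.search(r'\btype\s+master\s*;', body)
        if is_master and not re.search(XFER, opts) and not re.search(XFER, body):
            findings.append('zone %s: no allow-transfer rule' % header.split('"')[1])
    return findings
```

Calling `audit(SAMPLE_CONF)` reports the open recursion and the localhost zone; an allow-transfer clause in options is treated as the default for every zone.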

