On Sat, May 1, 2021 at 2:19 AM Ed Greshko <ed.gres...@greshko.com> wrote:
> On 01/05/2021 16:31, Ed Greshko wrote:
>
> After I sent the previous post I realized what I *think* is your goal. If
> I recall you're wanting your
> DNS server to service queries from inside your network as well as from
> outside.
>
> As currently configured your DNS server is acting as an external/public
> server only.
>
> So this....
>
> >
> 2. You now want to fix your named.conf to have "recursion no;" The default
> is "yes".
> >
> You don't want your DNS server acting as a server every domain. If someone
> queries
> > your server directly you want it to return (using cnn.com
> as the example).
> >
> > Host cnn.com not found: 5(REFUSED)
>
> Would also result in this....
>
> [egreshko@f33k ~]$ host cnn.com localhost
> Using domain server:
> Name: localhost
> Address: ::1#53
> Aliases:
>
> Host cnn.com not found: 5(REFUSED)
>
> Which is certainly not what you'd want.
>
> There are, in my mind, 2 schools of thought on "fixing" this.
>
> 1. If you have a small number of system in your local network just let
> them query
> external DNS servers such as your ISP's DNS server. You can handle
> exception using
> the /etc/hosts file.
>
> 2. Configure your DNS server with, I think the correct term is "views",
> such that an
> internal system query returns internal IP addresses (10.0.0.X) and an
> internal query
> allows recursion.
>
> #1 is easy
> #2 requires research and work.
>
I'll hold off deciding this for the moment, i need some sleep, ...
Still, i got a start on views/zones and /etc/named.conf is currently setup
as ..
*view "wan-view"{ zone "linuxlighthouse.com <http://linuxlighthouse.com>"
{ type master; file
"/var/named/linuxlighthouse.com.db"; allow-update { none; }; };
zone "." IN { type hint; file "named.ca
<http://named.ca>"; };};*
again, Thanks for all the support!!
--
> Remind me to ignore comments which aren't germane to the thread.
>
> _______________________________________________
> users mailing list -- users@lists.fedoraproject.org
> To unsubscribe send an email to users-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
> Do not reply to spam on the list, report it:
> https://pagure.io/fedora-infrastructure
>
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
