Setting up Split-DNS on same host
Gerry George
ggeorge at digisolv.com
Thu Sep 21 14:39:04 UTC 2000
I am trying to accomplish running a split-DNS system on one host. I want
to have internal IPs available to internal hosts, but also offer external
restricted IPs to the public.
This is for a multi-homed host, with one port on the external network.
I have tried to use the "listen on" directive for the different "zones" but
I get syntax errors for the "listen-on" command regardless of how I format it.
The other problem is being able to run two instances of the same "zone":
internal: some-domain.com
external: some-domain.com - error says that zone is already defined. Do I
have to create a new sub-domain to allow this? Otherwise, how do I allow
two instances of bind on the same machine - one on the internal interface
and the other on the external interface?
Files & error messages follow:
#
# overall options of the server
#
options {
    directory "/var/named";
    # the default is to fail, if the master file is not correct
    check-names master warn;
    pid-file "/var/run/named.pid";
    datasize default;
    stacksize default;
    coresize default;
    files unlimited;
    recursion yes;
    multiple-cnames yes;
};

zone "." IN {
    type hint;
    file "root.hint";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    check-names fail;
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "127.0.0.zone";
    check-names fail;
    allow-update { none; };
};

#
############### My-Domain External Records ########################
#
zone "my-domain-external.com" IN {
    type master;
    file "zone-external.db";
    allow-transfer { any; };
    notify yes;
    check-names fail;
    allow-update { none; };
};

zone "333.222.111.in-addr.arpa" IN {
    type master;
    file "reverse-external.db";
    check-names fail;
    allow-update { none; };
    notify yes;
};

#
############### My-Domain Internal Records ########################
#
zone "mydomain.com" IN {
    type master;
    file "zone-internal.db";
    # allow-transfer { my-domain_net; };
    allow-transfer { localnets; };
    # only listen on the internal interface
    listen-on { 123.234.231.10; };
    # allow-query { 123.234.231.0/24; };
    notify yes ;
    check-names fail;
    allow-update { none; };
};

zone "231.234.123.in-addr.arpa" IN {
    type master;
    file "reverse-internal.db";
    # allow-transfer { my-domain_net; };
    allow-transfer { localnets; };
    # only listen on the internal interface
    listen-on { 123.234.231.10; };
    # allow-query { 123.234.231.0/24; };
    notify = yes;
    check-names fail;
    allow-update { none; };
};
###########################################################
jourmard:/etc # named -v
named 8.2.2-P5 Sat Mar 11 10:37:51 GMT 2000
root at Mersenne:/usr/src/packages/BUILD/bind8-8.2.2/bin/named
###########################################################
Sep 18 18:43:35 jourmard named[380]: reloading nameserver
Sep 18 18:43:35 jourmard named[380]: /etc/named.conf:106: syntax error near listen-on
Sep 18 18:43:35 jourmard named[380]: Zone "my-domain.com" (file zone.db): No default TTL set using SOA minimum instead
Sep 18 18:43:35 jourmard named[380]: master zone "my-domain.com" (IN) loaded (serial 1999090202)
Sep 18 18:43:35 jourmard named[380]: /etc/named.conf:108: syntax error near notify
Sep 18 18:43:35 jourmard named[380]: /etc/named.conf:120: syntax error near listen-on
Sep 18 18:43:35 jourmard named[380]: /etc/named.conf:122: syntax error near notify
Sep 18 18:43:35 jourmard named[380]: couldn't create pid file '/var/run/named.pid'
Sep 18 18:43:35 jourmard named[380]: Forwarding source address is [0.0.0.0].1039
Sep 18 18:43:35 jourmard named[380]: Ready to answer queries.
Sep 18 18:43:50 jourmard named[380]: Sent NOTIFY for "my-domain.com IN SOA" (my-domain.com); 1 NS, 1 A
Thanks for any assistance
Gerry George
Gerry E. George <ggeorge at digisolv.com>
Information Technology Specialist,
DigiSolv, Inc.
http://www.digisolv.com
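Editor's added example (not from the poster or the BIND project): in BIND 8, listen-on is an options statement, not a zone statement, so the per-zone listen-on above can never parse; the "zone already defined" problem is solved by running two named processes, each with its own config file, pid-file and listen-on address. The two files below show that layout; 192.0.2.4 and 192.0.2.5 are placeholder external addresses, and the localhost/127 zones are omitted for brevity.

```conf
# /etc/named-external.conf   (run as: named -c /etc/named-external.conf)
options {
    directory "/var/named";
    pid-file "/var/run/named-external.pid";   # must differ from the internal instance
    listen-on { 192.0.2.4; };                 # external interface only (placeholder)
    recursion no;                             # authoritative-only toward the Internet
};
zone "." IN { type hint; file "root.hint"; };
zone "mydomain.com" IN {
    type master;
    file "zone-external.db";                  # only the public, restricted records
    allow-transfer { 192.0.2.5; };            # your secondary (placeholder), not "any"
    allow-update { none; };
    notify yes;
};

# /etc/named-internal.conf   (run as: named -c /etc/named-internal.conf)
options {
    directory "/var/named";
    pid-file "/var/run/named-internal.pid";
    listen-on { 123.234.231.10; 127.0.0.1; }; # internal interface plus loopback
    recursion yes;                            # internal hosts may resolve through it
    allow-query { 123.234.231.0/24; 127.0.0.1; };
};
zone "." IN { type hint; file "root.hint"; };
zone "mydomain.com" IN {                      # same zone name, different data file
    type master;
    file "zone-internal.db";
    allow-transfer { localnets; };
    allow-update { none; };
    notify yes;
};
```

Because each process binds only its own address, the "zone already defined" check never sees both copies, and the external instance cannot leak internal records or be used as an open recursive resolver.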