Did I get it right?
Kevin Darcy
kcd at daimlerchrysler.com
Wed Jul 31 02:55:28 UTC 2002
"Chris W." wrote:
> Hello everyone,
>
> I wish to have a caching-only nameserver to serve my small LAN. I have
> read pages upon pages of information on BIND and DNS but I'm not sure if
> I have it right just yet. I am hoping to set up a DNS server and supply
> name services to the two Windows systems I have on my network. I have
> tried plugging in the IP address of the DNS server into my Windows
> systems but nslookup on those systems returns a "Can't find server name
> for address 192.168.1.100: Timed out" message. From what I've read, this
> appears to be a reverse DNS issue but I just don't see where the problem
> lies. Can someone please point me in the right direction?
>
> I am using BIND 9.2.1 on a PC running Solaris 8.
>
> Thanks in advance,
>
> Chris
>
> ===== hosts =====
> 127.0.0.1 localhost
> 192.168.1.100 cwunix.cwsys cwunix loghost
> 192.168.1.101 compsys01.cwsys compsys01
> 192.168.1.102 compsys02.cwsys compsys02
>
> ===== named.conf =====
>
> # /usr/local/etc/named.conf
>
> key "rndc-key" {
>     algorithm hmac-md5;
>     secret "5ziCq0tjii+OkjfUrjQ1Cg==";
> };
>
> controls {
>     inet 127.0.0.1 port 953
>         allow { 127.0.0.1; } keys { "rndc-key"; };
> };
>
> acl "allowDNS" { 192.168.1.0/24; localhost; };
> acl "bogusnets" { 0.0.0.0/8; 1.0.0.0/8; 2.0.0.0/8; 192.0.2.0/24;
>                   224.0.0.0/3; 10.0.0.0/8; 172.16.0.0/12;
>                   192.168.0.0/16; };
>
> options {
>     directory "/var/named"; # Working directory
>     listen-on {
>         192.168/16;
>         127.0.0.1;
>     };
>     pid-file "named.pid"; # Pid file in working dir
>     allow-query { "allowDNS"; }; # Block access via ACL
>     blackhole { "bogusnets"; }; # Block spoofing
>     forwarders {
>         63.240.76.4;
>         204.127.198.4;
>     };
> };
>
> zone "." {
>     type hint;
>     file "named.ca";
> };
>
> zone "0.0.127.in-addr.arpa" {
>     type master;
>     file "named.local";
>     notify no;
> };
>
> zone "cwsys" {
>     type master;
>     file "db.cwsys";
>     notify no;
>     allow-update { none; };
> };
>
> zone "1.168.192.in-addr.arpa" IN {
>     type master;
>     file "db.192.168.1";
>     notify no;
>     allow-update { none; };
> };
>
> ===== resolv.conf =====
>
> search cwsys
> domain cwsys
> nameserver 127.0.0.1
> nameserver 63.240.76.4
> nameserver 204.127.198.4
>
> ===== named.local =====
>
> ; /var/named/named.local
> ;
> $TTL 86400
> @       IN SOA localhost. root.localhost. (
>                 1997022700 ; Serial
>                 28800 ; Refresh
>                 14400 ; Retry
>                 3600000 ; Expire
>                 86400 ) ; Minimum
>         IN NS localhost.
>
> 1       IN PTR localhost.
>
> ===== db.cwsys =====
>
> ; /var/named/db.cwsys
> ;
> $TTL 86400
> @       IN SOA cwsys. root.cwsys. (
>                 2002022700 ; Serial
>                 28800 ; Refresh
>                 14400 ; Retry
>                 3600000 ; Expire
>                 86400 ) ; Minimum
>         IN NS cwunix.cwsys.
>
> cwsys.  IN A 192.168.1.100
>
> ===== db.192.168.1 =====
>
> ; /var/named/db.192.168.1
> ;
> $TTL 86400
>
> 1.168.192.in-addr.arpa. IN SOA cwsys. root.cwsys. (
>                 2002022700 ; Serial
>                 28800 ; Refresh
>                 14400 ; Retry
>                 3600000 ; Expire
>                 86400 ) ; Minimum
> 1.168.192.in-addr.arpa. IN NS cwsys.
>
> 100     PTR cwunix.cwsys.
>
> ============ DIG RESULTS ============
>
> ; <<>> DiG 9.2.1 <<>> -x 192.168.1.100
>
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36283
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
>
> ;; QUESTION SECTION:
> ;100.1.168.192.in-addr.arpa. IN PTR
>
> ;; ANSWER SECTION:
> 100.1.168.192.in-addr.arpa. 86400 IN PTR cwunix.cwsys.
>
> ;; AUTHORITY SECTION:
> 1.168.192.in-addr.arpa. 86400 IN NS cwsys.
>
> ;; ADDITIONAL SECTION:
> cwsys. 86400 IN A 192.168.1.100
>
> ;; Query time: 4 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Tue Jul 30 18:08:55 2002
> ;; MSG SIZE rcvd: 100
>
> ============ DIG RESULTS ============
>
> ; <<>> DiG 9.2.1 <<>> cwsys
>
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49218
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;cwsys. IN A
>
> ;; ANSWER SECTION:
> cwsys. 86400 IN A 192.168.1.100
>
> ;; AUTHORITY SECTION:
> cwsys. 86400 IN NS cwunix.cwsys.
>
> ;; Query time: 4 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Tue Jul 30 18:09:24 2002
> ;; MSG SIZE rcvd: 60
>
> ============ DIG RESULTS ============
>
> ; <<>> DiG 9.2.1 <<>> hotsheet.com
>
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40022
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;hotsheet.com. IN A
>
> ;; ANSWER SECTION:
> hotsheet.com. 153 IN A 209.41.100.68
>
> ;; AUTHORITY SECTION:
> hotsheet.com. 153 IN NS ns1.neospire.net.
> hotsheet.com. 153 IN NS ns2.neospire.net.
>
> ;; ADDITIONAL SECTION:
> ns1.neospire.net. 153 IN A 209.41.115.6
> ns2.neospire.net. 153 IN A 209.41.115.7
>
> ;; Query time: 4 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Tue Jul 30 18:10:48 2002
> ;; MSG SIZE rcvd: 126
You're blackholing all of 192.168/16.
- Kevin