How to control own domain/zonefile ?
Clenna Lumina
savagebeaste at yahoo.com
Thu Dec 7 17:45:05 UTC 2006
--- Barry Margolin <barmar at alum.mit.edu> wrote:
> In article <el801h$2jsd$1 at sf1.isc.org>,
> Clenna Lumina <savagebeaste at yahoo.com> wrote:
>
> > If I may ask just one more question, how exactly would
> > I set up bind so I can:
> >
> >
> > 1) handle mydomain.com (as I mentioned in my
> > original post.) I can easily set the
> > name server entry in my registrar's DNS applet.
>
> Configure the mydomain.com zone in your named.conf file.

That's what I can't quite figure out how to do correctly.
(Edit: OK, your example below helps a lot, thank you.)

> > 2) handle local.mydomain.com, as a subdomain of
> > sorts that's only valid on the local LAN that
> > my Linux server is a part of; only computers
> > on this LAN are assigned local.mydomain.com.
> > The dhcpd that comes with Linux makes it easy
> > to set that for clients.
> >
> > IE:
> > foo.local.mydomain.com => client host 'foo'
> > bar.local.mydomain.com => client host 'bar'
> > ...
> >
> > Also local.mydomain.com is NOT to be
> > accessible from the internet.. LAN only.
>
> Configure the local.mydomain.com zone in your named.conf file, and use
> the "allow-query" option in the zone to restrict access to your local
> subnet.

OK, I'm beginning to make some sense, at least the allow-query
part.
(Edit: OK, your example below helps a lot, thank you.)

> > 3) And finally, I want my bind to also forward
> > outside-destined requests to our ISP's DNS
> > server(s), that way the clients can use the
> > Linux's IP for DNS for everything.
>
> Why do you want to do that? What's wrong with the default behavior of
> iterating from the root servers?
>
> But if you really prefer to use your ISP's servers rather than iterating
> yourself, use the "forwarders" option.

I wasn't aware it worked like this. Do I understand
correctly that the default behavior is to simply
check all the root servers and traverse down
the line?

Would this mean that if, for example, a web site updates
its IP for its hostname, I would get this update faster
than if I used my ISP's DNS (which can be rather slow
updating... friends of mine always seem to get those
sort of updates quicker on their ISPs)?

> > I also want to be able to keep the mydomain.com zone
> > file separate from the local.mydomain.com zone file,
> > as the latter is for the LAN only and need not be
> > accessible from the internet.
>
> zone "mydomain.com" {
>     type master;
>     file "db.mydomain.com";
> };
> zone "local.mydomain.com" {
>     type master;
>     file "db.local.mydomain.com";
>     allow-query { 192.168.1.0/24; localhost; };
> };

Thank you very much. I assume the "file" parts refer
to actual zone files? (I have worked with zone files
before so I have some idea of how to do them, I just
never set up my own name server before now :-) )
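
An added example, not part of the original message or of BIND itself: a small Python check that reads the two zone statements from the quoted reply and reports whether a given client address would be allowed to query each zone. It assumes no allow-query is inherited from an options or view block (so an unset zone falls back to BIND's default of "any") and that the server's own addresses are just the loopback addresses; the function names and the outside address 203.0.113.10 are constructed for illustration.

```python
import ipaddress
import re

# Constructed input: the two zone statements from the quoted reply.
NAMED_CONF = '''
zone "mydomain.com" {
    type master;
    file "db.mydomain.com";
};
zone "local.mydomain.com" {
    type master;
    file "db.local.mydomain.com";
    allow-query { 192.168.1.0/24; localhost; };
};
'''

# A zone body may contain one level of nested braces (the ACL list).
ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;')
ACL_RE = re.compile(r'allow-query\s*\{([^}]*)\}')


def zone_acls(conf):
    """Map each zone name to its allow-query elements (None if unset)."""
    acls = {}
    for name, body in ZONE_RE.findall(conf):
        m = ACL_RE.search(body)
        acls[name] = [e.strip() for e in m.group(1).split(";") if e.strip()] if m else None
    return acls


def permits(acl, client, server_addrs=("127.0.0.1", "::1")):
    """True if client may query a zone carrying this allow-query list."""
    if acl is None:  # assumption: nothing inherited, so the default "any" applies
        return True
    ip = ipaddress.ip_address(client)
    for elem in acl:
        if elem == "any":
            return True
        if elem == "localhost":  # assumption: the server's own addresses are server_addrs
            if any(ip == ipaddress.ip_address(a) for a in server_addrs):
                return True
        elif ip in ipaddress.ip_network(elem, strict=False):  # ValueError on named ACLs, keys, "!"
            return True
    return False


def exposure(conf, client):
    """Report, per zone, whether client would get an answer."""
    return {zone: permits(acl, client) for zone, acl in zone_acls(conf).items()}
```

Calling `exposure(NAMED_CONF, "203.0.113.10")` shows that only mydomain.com answers an outside client, while a LAN address such as 192.168.1.50 can query both zones.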