setting up dns on solaris
Kevin Darcy
kcd at daimlerchrysler.com
Mon Nov 6 22:02:31 UTC 2006
pawright23 wrote:
> Thanks for this Kevin
>
> In response:
>
>
>> 1. You have "forward first" mode set but no forwarders defined (?) Not
>> sure what the point of that is.
>>
>
> Whoops! Fixed that now!
>
>
>> 2. You're loading your reverse zone as 3.5.10.in-addr.arpa but the A
>> records in your forward zone are all the 10.10.10.* range
>>
>
> Fixed
>
>
>> 3. Your PTR records all refer to names in the test.mydomain.com
>> subdomain, but you have no A records in that subdomain
>>
>
> Any chance you could help me out as to where A records go? Sorry for
> the beginner question.
>
That's really a matter of personal preference or local convention,
analogous to how you lay out your directory structure on a disk. Do you
*want* all of the nodes to be under the test.mydomain.com subdirectory?
That's fine. It's also fine if you want to put all of those records
directly under mydomain.com. Either way works. I was only pointing out
that your forward (A) records were out of sync with your reverse (PTR)
records. That's almost always *not* what you want.
>
>> 4. The one and only NS for mydomain.com refers to a host called
>> "test.mydomain.com", but there is no A record associated with that name
>>
>
> As above
>
Uh, just add an A record with that name to the relevant zone.
>
>> 5. nslookup is only suitable for casual DNS lookups, not for serious
>> troubleshooting of DNS resolution problems. "dig" is a better choice for
>> that. If you can't get dig working in the near-term, and are stuck using
>> nslookup, at least turn on debugging so you can see what it's doing
>> behind the scenes -- it often misreports errors and you can't really
>> know what failed unless you have debugging on.
>>
>
> Any chance you could let me know how to do this?
>
To do what? Run dig? You just invoke it like any other command. If you
want to invoke it without an explicit pathname, however, you'll need to
install it from the BIND distribution to some "well known" pathname.
Or, are you looking for some help on what command-line arguments to use
with dig?
- Kevin
>
>> pawright23 wrote:
>>
>>> Hi,
>>>
>>> I wonder if anyone can help me with a setup issue I am having with a
>>> standalone DNS server. I am quite new to this so any help would be
>>> appreciated.
>>>
>>> I have installed BIND 8.4.6 on a Solaris 9 server and configured as
>>> follows:
>>>
>>> created /usr/local/etc/named.conf
>>>
>>> #// This is a configuration file for named (from BIND 8.1 or later).
>>> #// It would normally be installed as /etc/named.conf.
>>> #
>>> #
>>>
>>> options {
>>>         directory "/var/named";
>>>         forward first;
>>> };
>>>
>>> zone "." {
>>>         type hint;
>>>         file "named.ca";
>>> };
>>>
>>> zone "mydomain.com" {
>>>         type master;
>>>         file "private.hosts";
>>> };
>>>
>>> zone "3.5.10.in-addr.arpa." {
>>>         type master;
>>>         file "private.rev";
>>> };
>>>
>>> zone "0.0.127.in-addr.arpa." {
>>>         type master;
>>>         file "private.local";
>>> };
>>>
>>> created /var/named/named.ca
>>>
>>> ; This file holds the information on root name servers needed to
>>> ; initialize cache of Internet domain name servers
>>> ; (e.g. reference this file in the "cache . <file>"
>>> ; configuration file of BIND domain name servers).
>>> ;
>>> ; This file is made available by InterNIC
>>> ; under anonymous FTP as
>>> ; file /domain/named.root
>>> ; on server FTP.INTERNIC.NET
>>> ; -OR- RS.INTERNIC.NET
>>> ;
>>> ; last update: Jan 29, 2004
>>> ; related version of root zone: 2004012900
>>>
>>> created /var/named/private.hosts
>>>
>>> ;
>>> ; Hosts file for domain mydomain.com.
>>> ;
>>> ;name ttl class type data
>>> ;
>>> ; Source of authority
>>> @ IN SOA test.mydomain.com. root.test.mydomain.com. (
>>>         2000050201 ; Serial
>>>         10800 ; Refresh - 3 hours
>>>         3600 ; Retry - 1 hour
>>>         432000 ; Expire - 1 week
>>>         86400) ; Minimum - 1 day
>>>         IN NS test.mydomain.com.
>>> ;
>>> ; Machines for the test.mydomain.com domain
>>> ;
>>> ;name ttl class type data
>>> localhost IN A 127.0.0.1
>>> host1 IN A 10.10.10.11
>>> host2 IN A 10.10.10.12
>>>
>>> created /var/named/private.rev
>>>
>>> ;
>>> ; Reverse address file for mydomain.com
>>> ;
>>> ;name ttl class type data
>>> ;
>>> ; Source of authority
>>> @ IN SOA test.mydomain.com. root.test.mydomain.com. (
>>>         2000050201 ; Serial
>>>         10800 ; Refresh - 3 hours
>>>         3600 ; Retry - 1 hour
>>>         432000 ; Expire - 1 week
>>>         86400) ; Minimum - 1 day
>>>         IN NS test.mydomain.com.
>>> ;
>>> ; Machine names
>>> ;
>>> ;name ttl class type data
>>> 11 IN PTR host1.test.mydomain.com.
>>> 12 IN PTR host2.test.mydomain.com.
>>>
>>> created /var/named/private.local
>>>
>>> ;
>>> ; Reverse address file for localhost
>>> ;
>>> ;name ttl class type data
>>> ;
>>> ; Source of authority
>>> @ IN SOA test.mydomain.com. root.test.mydomain.com. (
>>>         2000050201 ; Serial
>>>         10800 ; Refresh - 3 hours
>>>         3600 ; Retry - 1 hour
>>>         432000 ; Expire - 1 week
>>>         86400) ; Minimum - 1 day
>>>         IN NS test.mydomain.com.
>>> ;
>>> ; Machine names
>>> ;
>>> ;name ttl class type data
>>> 1 IN PTR localhost.
>>>
>>>
>>> then started the named daemon with:
>>>
>>> # /usr/local/etc/named.conf
>>>
>>> and nslookups don't work!
>>>
>>> Can anyone offer any insight? (I'm not really understanding how these
>>> SOA entries work - could they be messed up as I've just stuck some
>>> arbitrary values in there based on a template I saw?) Do all your host
>>> resolutions go in the private.hosts and private.rev files?
>>>
>>> Many thanks
>>>
>>> Pete
More information about the bind-users
mailing list
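
Added example, not part of the original thread: a Python sketch of the consistency checks behind points 2 to 4 above (A records vs. PTR records vs. the reverse zone name, and NS targets without an address). The zone data is constructed from the files quoted in the thread; the function names records and audit are hypothetical, and the parser only understands single-line "owner IN type rdata" records.

```python
import ipaddress

# Constructed from the zone data quoted in this thread; not a full zone-file parser.
FWD_ORIGIN, REV_ORIGIN = "mydomain.com.", "3.5.10.in-addr.arpa."
FORWARD = """
@          IN NS  test.mydomain.com.
localhost  IN A   127.0.0.1
host1      IN A   10.10.10.11
host2      IN A   10.10.10.12
"""
REVERSE = """
@   IN NS   test.mydomain.com.
11  IN PTR  host1.test.mydomain.com.
12  IN PTR  host2.test.mydomain.com.
"""

def records(text, origin):
    """Yield (owner FQDN, type, rdata) from 'owner IN type rdata' lines."""
    for line in text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) != 4:
            continue  # this sketch ignores SOA and continuation lines
        owner, _cls, rtype, rdata = fields
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"
        yield owner.lower(), rtype.upper(), rdata.lower()

def audit(forward, fwd_origin, reverse, rev_origin):
    """Return a list of forward/reverse inconsistencies between two zones."""
    fwd, rev = list(records(forward, fwd_origin)), list(records(reverse, rev_origin))
    a = {o: d for o, t, d in fwd if t == "A"}
    ptr = {o: d for o, t, d in rev if t == "PTR"}
    ns = {d for _, t, d in fwd + rev if t == "NS"}
    out = [f"NS target {n} has no A record" for n in sorted(ns)
           if n.endswith("." + fwd_origin) and n not in a]
    for name, addr in a.items():
        ip = ipaddress.ip_address(addr)
        if ip.is_loopback:
            continue  # 127.0.0.1 is served by the 0.0.127.in-addr.arpa zone
        rname = ip.reverse_pointer + "."
        if not rname.endswith("." + rev_origin):
            out.append(f"{name} ({addr}) is outside reverse zone {rev_origin}")
        elif ptr.get(rname) != name:
            out.append(f"{name} ({addr}) has no matching PTR at {rname}")
    out += [f"PTR {o} names {d}, which has no A record"
            for o, d in ptr.items() if d not in a]
    return out

if __name__ == "__main__":
    for problem in audit(FORWARD, FWD_ORIGIN, REVERSE, REV_ORIGIN):
        print(problem)
```

Against a running server, the same comparison can be made by querying each name and each address with dig and checking that the answers agree in both directions.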