FC6 DNS Simple Setup help
Barry Margolin
barmar at alum.mit.edu
Thu Nov 16 04:19:01 UTC 2006
In article <ejeuno$22te$1 at sf1.isc.org>,
"Mark Koi" <mark.koi at nextwavesys.com> wrote:
> Hi,
>
> We have a FC6 Firewall. We have an internal/external network. The
> ns/fw are one and the same for now and perform DNAT. DNS and bind
> requires intensive experience, but we set up using view. Reverse lookup
> doesn't work. What exactly do we need to add to named.conf to get
> reverse lookup to work on internal network? Also, what would the files
> that reverse lookup reference exactly look like?? Can someone with
> intensive experience provide any other information to lead us down the
> right path in proper setup? Thanks - Mark.

You need to add the zone named "1.168.192.in-addr.arpa", and fill this
zone with appropriate PTR records. The named.conf entry looks like:

zone "1.168.192.in-addr.arpa" {
    type master;
    file "db.internals.1.168.192.in-addr.arpa";
};

The DB file would look like:

$TTL 86400
@       IN SOA fwbo.nextwavesys.net. hostmaster.nextwavesys.net. (
                ... )
        IN NS  fwbo.nextwavesys.net.
1       IN PTR fwbo.nextwavesys.net.
4       IN PTR www.nextwavesys.net.

>
> named.conf
> ----------------------------------------------------------------------
> acl internals {
>     127.0.0.1;
>     192.168.1.0/24;
> };
>
> options {
>     directory "/var/named";
>     dump-file "/var/named/data/cache_dump.db";
>     statistics-file "/var/named/data/named_stats.txt";
>     version "0";
> };
>
> controls {
>     inet 127.0.0.1 allow { localhost; }
>         keys { rndckey; };
> };
>
> view "internal" {
>     match-clients { internals; };
>     recursion yes;
>
>     zone "nextwavesys.net" {
>         type master;
>         file "db.internals.nextwavesys.net";
>         allow-query { internals; };
>         allow-update { internals; };
>     };
> };
>
> view "external" {
>     match-clients { any; };
>     recursion no;
>
>     zone "nextwavesys.net" {
>         type master;
>         file "db.externals.nextwavesys.net";
>     };
> };
> include "/etc/rndc.key";
> ----------------------------------------------------------------------
> db.internals.nextwavesys.net
>
> $TTL 86400
> @       IN SOA nextwavesys.net. fwbo.nextwavesys.net. (
>                 42      ; Serial
>                 28800   ; Refresh
>                 14400   ; Retry
>                 3600000 ; Expire
>                 86400 ) ; Minimum
> ;
> @       IN NS  fwbo
>         IN MX  10 mail
>         IN A   192.168.1.1
> fwbo    IN A   192.168.1.1
> www     IN A   192.168.1.4
> .....more entries, etc.......
>
> ----------------------------------------------------------------------
> db.externals.nextwavesys.net
>
> $TTL 86400
> @       IN SOA fwbo.nextwavesys.net. root.fwbo.nextwavesys.net. (
>                 42      ; Serial
>                 28800   ; Refresh
>                 14400   ; Retry
>                 3600000 ; Expire
>                 86400 ) ; Minimum
> ;
> @       IN NS  fwbo
>         IN MX  10 mail
>         IN A   216.9.140.36
> fwbo    IN A   216.9.140.36
> .....more entries, etc..........
> ----------------------------------------------------------------------
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
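
Added example (not part of the reply above or of the original post): a Python helper that derives the PTR lines for the 1.168.192.in-addr.arpa zone from the A records of a forward zone file, so the forward and reverse data stay in step. The function names and the sample zone text are this example's own; it assumes a /24 reverse zone and skips A records at the zone apex so each address points back at a host name, as in the reply.

```python
import ipaddress

# Constructed sample, modelled on the internal zone file quoted in the post.
FORWARD_ZONE = """\
$TTL 86400
@       IN SOA  nextwavesys.net. fwbo.nextwavesys.net. (
                42 28800 14400 3600000 86400 )
@       IN NS   fwbo
        IN MX   10 mail
        IN A    192.168.1.1
fwbo    IN A    192.168.1.1
www     IN A    192.168.1.4
vpn     IN A    10.0.0.9    ; constructed: outside 192.168.1.0/24
"""

def forward_a_records(zone_text, origin):
    """Yield (fqdn, IPv4Address) for every A record in a master-file zone."""
    owner = origin
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()      # drop comments
        if not fields or fields[0].startswith("$"):
            continue                               # blank line or $TTL/$ORIGIN
        if not raw[0].isspace():                   # owner name sits in column 0
            name = fields.pop(0)
            if name == "@":
                owner = origin
            elif name.endswith("."):
                owner = name
            else:
                owner = f"{name}.{origin}"
        # Skip the optional class and numeric TTL in front of the record type.
        while fields and (fields[0].upper() == "IN" or fields[0].isdigit()):
            fields.pop(0)
        if len(fields) >= 2 and fields[0].upper() == "A":
            yield owner, ipaddress.IPv4Address(fields[1])

def ptr_records(zone_text, origin, network="192.168.1.0/24"):
    """Return PTR lines (owner = last octet) for hosts inside a /24 network."""
    net = ipaddress.ip_network(network)
    pairs = set()
    for fqdn, addr in forward_a_records(zone_text, origin):
        if addr in net and fqdn != origin:         # assumption: skip the apex
            pairs.add((int(addr) & 0xFF, fqdn))    # last octet, valid for /24
    return [f"{host}\tIN PTR\t{fqdn}" for host, fqdn in sorted(pairs)]

if __name__ == "__main__":
    print("\n".join(ptr_records(FORWARD_ZONE, "nextwavesys.net.")))
```

In the poster's named.conf the zone statement for 1.168.192.in-addr.arpa belongs inside view "internal": once views are in use BIND requires every zone to be declared inside a view, and keeping it there means the external view does not answer for the internal addresses.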