newbie question

Barry Margolin barmar at bbnplanet.com
Mon Jan 31 18:21:08 UTC 2000


In article <s99p8mgd5io174 at corp.supernews.com>,
rainkid <rainkid at rainkid.com> wrote:
>hi everyone.
>here is what i am trying to do.  i am trying to setup a dns server using
>bind 8.2.2.  i am trying to set up my lan as "domain.com" and have a
>bind/named also be  a caching name server.
>here is my named.conf with some questions appended.
>
>options {
>        directory "/var/named";
>        forwarders{
>                216.231.41.x;
>                216.231.41.y;
>                209.253.194.z;
>        };
># i read that this will lighten the load on named by forwarding requests to
>another name server. will this affect the caching role of bind/named if i
>leave forwarding on?

No, it will still cache everything it learns from the forwarders.

>        check-names master warn;
>        allow-transfer{
>                216.231.38.x;
>                216.231.38.y;
>                216.231.38.z;
>                216.231.38.w;
>        };
>};
>
>logging{
>        category lame-servers   { null; } ;
>        category cname          { null; };
>        category statistics     { null; };
># even with category statistics     { null; }; i get "cleaned cache of x
>RRSets" in my log file.  how can i disable this... and what exactly is a
>rrset?  does this message mean that the cache has been cleaned?  the number is
>always really low, like 4 or 5 or so.  i assume this means not a lot of
>domains are being cached?
>};

Every hour named goes through the cache, looking for records whose TTLs
have run out and should be removed from the cache.  This message indicates
how many it found and removed.  If the server has only been up for a few
hours you wouldn't expect it to find many records, since 1 day is a common
TTL.

>zone "." {
>        type hint;
>        file "db.cache";
>};
>
>zone "domain.com"{
>        type master;
>        file "domain.com";
>};
>
>zone "0.0.127.IN-ADDR.ARPA"{
>        type master;
>        file "pri.0.0.127.in-addr.arpa";
>};
>
>also, i try to use this name server as my primary dns in windows nt.  bind
>is running under linux.  but using my own nameserver actually took a longer
>time to resolve names than as if i were to use my ISPs name server.  how do
>i remedy this (guess my server is not really caching huh)

It should be.  In fact, there's no way to prevent BIND from caching.  It
could be that your server doesn't have enough memory -- use ps and make
sure the SZ isn't much more than the RSS for the named process, as BIND
thrashes heavily when this happens.

>one last question is, how do i prevent everyone access from using my bind
>server as their dns?  meaning any joe/jane can open up their network config
>and put in my name server ip for their primary/secondary DNS and my dns
>server will resolve all names for them!

Use the allow-query option.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
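
One way to apply the allow-query answer to the named.conf quoted above, as an added example that is not part of the original post. The ACL name "lan" and the 192.168.1.0/24 range are assumed placeholders for the poster's LAN, and the per-zone override is only needed if domain.com must also be answered for outside clients.

```conf
// Added example, not from the original post.
// "lan" and 192.168.1.0/24 are assumptions; substitute the real LAN range.
acl lan {
        127.0.0.1;              // the server itself
        192.168.1.0/24;         // assumed internal network
};

options {
        directory "/var/named";
        // forwarders and allow-transfer stay as in the quoted config

        // Default for every query: only clients matching "lan" are
        // answered, so outside hosts cannot use this server as their
        // resolver or read its cache.
        allow-query { lan; };
};

zone "domain.com" {
        type master;
        file "domain.com";
        // The global allow-query also applies to authoritative zones.
        // If this zone has to be resolvable from outside, open it
        // here; otherwise leave this line out and it stays LAN-only.
        allow-query { any; };
};
```

A quick check after reloading named is to query the server from a host outside the assumed LAN range: a name in domain.com should still resolve if the zone override is present, while any other name should be refused.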


