bind9 questions

Thu Mar 1 17:42:58 UTC 2001

No I understand your point, but the only two things missing are actual IP's
of internal boxes, these are  correct in the named.conf file and hell I know
that anyone can figure out the domain by just looking at my email address,
but as I stated this server worked fine before w/ bind8, bind9 installed
okay its running and the machine actual resolves all boxes on the net, my
only problem is the zones are not being put into the /var/named/secondary
directory and the only thing the resolv.conf file has in it is the localhost
ip (127.0.0.1) as a nameserver. Where is this box doing its lookups from?
Before I could see named-xfer kick off but w/ bind9 not using named-xfer
there is nothing to show transfers and I see none on the QIP box logs. I am
just trying to figure out how this box is still working.

Tim

> >-----Original Message-----
> >From: Claude Marinier [mailto:claude.marinier at dreo.dnd.ca]
> >Sent: Thursday, March 01, 2001 11:11 AM
> >To: Timothy.Moseley at hurlburt.af.mil
> >Subject: RE: bind9 questions 
> >
> >
> >Tim,
> >
> >I think that the point is that any modifications that you make to the
> >files before you send them to the list may hide (remove) errors. Just
> >today, someone had a typo in a file. Associated with this observation
> >is the assurance that you are not taking any risk by sending unmodi-
> >fied files to the list. You may dissagree with the last 
> >point and have
> >the right say that you are not comfortable with that approach.
> >
> >On Thu, 1 Mar 2001 Timothy.Moseley at hurlburt.af.mil wrote:
> >> > >    Timothy> I hide the domain name and the actual IP's
> >> > >    Timothy> because of the last part of my domain name (.mil).
> >> > >
> >> > >That makes no difference. Maybe your firewall does let 
> >the traffic
> >> > >through? And even if it doesn't, it's always far better 
> >to talk about
> >> > >(say) hurlburt.af.mil than made up but real domain names like
> >> > >mydomain.com. It's also very important that when 
> >someone presents
> >> > >config and zone files for analysis on this list, we see
> >> > >*exactly* what
> >> > >your name server sees, no more, no less. If you hide 
> >domain names and
> >> > >IP addresses, who's to say what else you've mangled?
> >> What difference does it matter if the domain is present or 
> >if the IP's are
> >> shown. I know that you can not see the server I am talking 
> >about. You want
> >> to try its name is pinnacle4 its not registered in the 
> >world nor is it
> >> broadcasted outside, go for it. If anything was mangled 
> >then bind8 would not
> >> have worked. This system worked fine up until bind9 was 
> >installed, I am
> >> trying to get it to work correctly so that I can use BIND9 
> >on another net
> >> that is totally invisible to the world, these servers are 
> >all using UNIX and
> >> when I upgrade them I will use the key statements to 
> >increase security, but
> >> I am trying to get this to work on this network first and 
> >all I want to do
> >> is get zones transfered from the QIP box to the one running bind9.
> >
> >-- 
> >Claude Marinier, Information Technology Group    
> >claude.marinier at dreo.dnd.ca
> >Defence Research Establishment Ottawa (DREO)    (613) 
> >998-4901  FAX 998-2675
> >3701 Carling Avenue, Ottawa, Ontario  K1A 0Z4         
> >http://www.dreo.dnd.ca
> >