BIND Configuration Help

Kevin Darcy kcd at daimlerchrysler.com
Tue Jun 11 21:09:50 UTC 2002


No, you can't publish private addresses (in the range 192.168.*.*) to the
public DNS. You need to publish real Internet addresses and then NAT
those to the private addresses.

Beyond that, do you really need to forward? I'd advise against it unless
it gives you a *demonstrable* performance benefit.

If you want to accept mail for @mydomain.org, you should have an
MX record for that name.

All zones, including yours, must be served by at least 2 nameservers.

You should define the whole 168.192.in-addr.arpa zone, not just the slice
that you're using currently. The reason for this is to catch reverse
lookups for typo'ed addresses. If your 168.192.in-addr.arpa zone starts
to get unmanageably large, you can always opt to delegate 3rd-octet
reverse zones from it.

I *really* don't think you want "statistics-interval 1;"...


- Kevin

lbosson at excite.com wrote:

> I need basic configuration help.
>
> My setup:
>       1.  I have a DSL Modem and Router
>       2.  mydomain.org is registered and set up with the external
> address of my router
>       3.  My router is set up with ports open for DNS and HTTP.
>       4.  Router is at 192.168.123.254
>       5.  Server is at 192.168.123.1
>       6.  The server handles the web services, dns, file sharing
> basically everything
>       7.  The Router acts as the DHCP server not my Server
>       8.  I am running OS X which uses BIND version 8
>
> What I would like to do:
>       1.  Create subdomains for mydomain.org like mail.mydomain.org
> and www.mydomain.org.
>       2.  Also host a mail server at mydomain.org.
>       3.  And obviously have all this information external so that
> anyone on the www can access my subdomains.
>
> Here is what I have so far. I realize I know very little and I am
> getting lost in the sea of information about BIND and DNS and I am
> having trouble locating information on the basics. If anyone can offer
> a solution or a suggestion or even an online document you found helpful
> I would greatly appreciate it.
>
> Thank you,
> Lewis Bosson
>
>
>
> -----------------db.192.168.123--------------------
>
> $TTL 38400
> ; /var/named/db.192.168.123
> ;
>
> 123.168.192.in-addr.arpa. IN SOA ns1.mydomain.org. admin.mydomain.org. (
>                           1        ; Serial
>                           10800    ; Refresh after 3 hours
>                           3600     ; Retry after 1 hour
>                           604800   ; Expire after 1 week
>                           86400 )  ; Minimum TTL of 1 day
>
> ; Name servers
>
> 123.168.192.in-addr.arpa.    IN NS    ns1.mydomain.org.
>
> ; Addresses point to canonical names
>
> 1.123.168.192.in-addr.arpa.    IN PTR    ns1.mydomain.org.
> 1.123.168.192.in-addr.arpa.    IN PTR    www.mydomain.org.
> 1.123.168.192.in-addr.arpa.    IN PTR    mail.mydomain.org.
> 1.123.168.192.in-addr.arpa.    IN PTR    mydomain.org.
> 254.123.168.192.in-addr.arpa.  IN PTR    gateway.mydomain.org.
> 100.123.168.192.in-addr.arpa.    IN PTR    cpu1.mydomain.org.
> 101.123.168.192.in-addr.arpa.    IN PTR    cpu2.mydomain.org.
> 102.123.168.192.in-addr.arpa.    IN PTR    cpu3.mydomain.org.
> 103.123.168.192.in-addr.arpa.    IN PTR    cpu4.mydomain.org.
>
> -------------------db.mydomain.org----------------------
>
> $TTL 86401
> ; /var/named/db.mydomain.org
> ;
>
> mydomain.org. IN SOA ns1.mydomain.org. admin.mydomain.org. (
>                           1        ; Serial
>                           10800    ; Refresh after 3 hours
>                           3600     ; Retry after 1 hour
>                           604800   ; Expire after 1 week
>                           86400 )  ; Minimum TTL of 1 day
>
> ; Name servers
>
> mydomain.org.    IN NS  ns1.mydomain.org.
>
> ; Primary Addresses
>
> ns1.mydomain.org.    IN A    192.168.123.1
> mail.mydomain.org.   IN A    192.168.123.1
> www.mydomain.org.    IN A    192.168.123.1
> mydomain.org.        IN A    192.168.123.1
> cpu1.mydomain.org.    IN A    192.168.123.100
> cpu2.mydomain.org.    IN A    192.168.123.101
> cpu3.mydomain.org.    IN A    192.168.123.102
> cpu4.mydomain.org.    IN A    192.168.123.103
> gateway.mydomain.org.  IN A    192.168.123.254
>
> ---------------named.conf----------------
>
> // This BIND 8.2 Config File was installed by Apple Remote Admin.
> // /etc/named.conf
>
> controls {
> //      unix "/var/run/ndc" perm 0600 owner 0 group 0;
>         inet 127.0.0.1 port 54 allow {any; };
> };
>
> options {
>         directory "/var/named";
>         notify yes;
>         forwarders { 204.60.0.2; 204.60.0.3; };
>         statistics-interval 1;
> //stats-file "named-stats";
> };
>
> zone "mydomain.org" in {
>         type master;
>         file "db.mydomain.org";
> };
>
> zone "123.168.192.in-addr.arpa" in {
>         type master;
>         file "db.192.168.123";
> };
>
> zone "0.0.127.in-addr.arpa" in {
>         type master;
>         file "db.127.0.0";
> };
>
> zone "." in {
>         type hint;
>         file "db.cache";
> };
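
Added example (not part of the original thread and not BIND tooling): a small Python check for three of the points in the reply above (private addresses in a public zone, fewer than two NS records, no MX at the zone name), run over a trimmed, constructed copy of the quoted db.mydomain.org. It generalizes the 192.168.*.* remark to all RFC 1918 ranges; the function names and the simplified parser (fully qualified owner, class IN, no per-record TTL) are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges; the reply names only 192.168.*.*, the rest is a generalization.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: a trimmed copy of the db.mydomain.org file quoted above.
SAMPLE_ZONE = """\
$TTL 86401
mydomain.org. IN SOA ns1.mydomain.org. admin.mydomain.org. (
                          1        ; Serial
                          10800    ; Refresh after 3 hours
                          3600     ; Retry after 1 hour
                          604800   ; Expire after 1 week
                          86400 )  ; Minimum TTL of 1 day
mydomain.org.        IN NS  ns1.mydomain.org.
ns1.mydomain.org.    IN A   192.168.123.1
www.mydomain.org.    IN A   192.168.123.1
mydomain.org.        IN A   192.168.123.1
"""

def parse_records(zone_text):
    """Yield (owner, rtype, rdata) for records written as 'owner IN TYPE rdata'."""
    depth = 0  # parenthesis nesting, used to skip SOA continuation lines
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop comments
        in_multiline = depth > 0
        depth += line.count("(") - line.count(")")
        fields = line.split()
        if in_multiline or len(fields) < 4 or fields[1].upper() != "IN":
            continue
        yield fields[0].lower(), fields[2].upper(), " ".join(fields[3:])

def lint_public_zone(zone_text, apex):
    """Return a list of findings for a zone intended for the public DNS."""
    apex = apex.lower()
    records = list(parse_records(zone_text))
    findings = []
    for owner, rtype, rdata in records:
        if rtype == "A" and any(ipaddress.ip_address(rdata) in net for net in RFC1918):
            findings.append(f"private address published: {owner} A {rdata}")
    ns = {rdata.lower() for owner, rtype, rdata in records if owner == apex and rtype == "NS"}
    if len(ns) < 2:
        findings.append(f"{apex} has {len(ns)} NS record(s); at least 2 are needed")
    if not any(o == apex and t == "MX" for o, t, _ in records):
        findings.append(f"{apex} has no MX record")
    return findings
```

Calling `lint_public_zone(SAMPLE_ZONE, "mydomain.org.")` returns one finding per private A record plus the NS and MX findings.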


