Help with setting up bind-9.2.0 and a zone file

WebReactor Networks bind at webreactor.net
Wed Mar 6 18:00:56 UTC 2002


I tried to run some tests against your name server (fw.j-son.org), but the
query timed out consistently.  Do you have ports 53/tcp and 53/udp open on
the firewall?

  - John R. S.

> From: Christian Jönsson <c.christian.joensson at telia.com>
> Organization: Telia Internet
> Newsgroups: comp.protocols.dns.bind
> Date: Wed, 06 Mar 2002 09:05:09 GMT
> To: comp-protocols-dns-bind at isc.org
> Subject: Help with setting up bind-9.2.0 and a zone file
>
> I'm looking for information and help with setting up bind-9.2.0 on my
> Debian sparc-linux system at home with the addition of a zone
> file. I'd like to learn how to get this bind9 up and running here :-)
>
> I have a "firewall", fw, that runs ipmasq and has an internal network
> interface eth1 and an external interface eth0, the host fw is
> 192.168.1.1 internally and external visible ip, say 22.33.44.55
> (phony). The internal network is 192.168.1.x
>
> This is my bind answer:
>
> fw:~# dig @localhost txt chaos version.bind
>
> ; <<>> DiG 9.2.0 <<>> @localhost txt chaos version.bind
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20516
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;version.bind.            CH    TXT
>
> ;; ANSWER SECTION:
> version.bind.        0    CH    TXT    "9.2.0"
>
> ;; Query time: 18 msec
> ;; SERVER: 127.0.0.1#53(localhost)
> ;; WHEN: Wed Mar  6 09:49:52 2002
> ;; MSG SIZE  rcvd: 48
>
> I've modified the named.conf to contain the following:
>
> fw:~# cat /etc/bind/named.conf
> // This is the primary configuration file for the BIND DNS server named.
> //
> // Please read /usr/share/doc/bind9/README.Debian for information on the
> // structure of BIND configuration files in Debian, *BEFORE* you customize
> // this configuration file.
> //
>
> options {
>     directory "/var/cache/bind";
>
>     // If there is a firewall between you and nameservers you want
>     // to talk to, you might need to uncomment the query-source
>     // directive below.  Previous versions of BIND always asked
>     // questions using port 53, but BIND 8.1 and later use an unprivileged
>     // port by default.
>
>     // query-source address * port 53;
>
>     // If your ISP provided one or more IP addresses for stable
>     // nameservers, you probably want to use them as forwarders.
>     // Uncomment the following block, and insert the addresses replacing
>     // the all-0's placeholder.
>
>     forwarders {
>         10.0.0.1; 10.0.0.2;
>     };
>
>     allow-query { 192.168.1.0/24; localhost; };
>
>     auth-nxdomain no;    # conform to RFC1035
>
> };
>
> key "rndc-key" {
>     algorithm hmac-md5;
>     secret "a little secret here";
> };
>
> // prime the server with knowledge of the root servers
> zone "." {
>     type hint;
>     file "/etc/bind/db.root";
> };
>
> // be authoritative for the localhost forward and reverse zones, and for
> // broadcast zones as per RFC 1912
>
> zone "localhost" {
>     type master;
>     file "/etc/bind/db.local";
> };
>
> zone "127.in-addr.arpa" {
>     type master;
>     file "/etc/bind/db.127";
> };
>
> zone "0.in-addr.arpa" {
>     type master;
>     file "/etc/bind/db.0";
> };
>
> zone "255.in-addr.arpa" {
>     type master;
>     file "/etc/bind/db.255";
> };
>
> // add entries for other zones below here
>
> zone "j-son.org" {
>     type master;
>     file "/etc/bind/j-son.org";
> };
>
> I'd like the zone file j-son.org to be a master, and I'd like it to
> propagate whatever changes I make to it to "all" ns there is
> eventually.
>
> I have two external nameservers ns1.hn.org and aux1.hn.org and this
> fw.j-son.org that I manage myself.
>
> Now, the zone file I've tried so far is this:
>
> fw:~# cat /etc/bind/j-son.org
> $TTL 3D
> @       IN      SOA     j-son.org. root.j-son.org. (
> 2002030601      ; serial, todays date + todays serial #
> 8H              ; refresh, seconds
> 2H              ; retry, seconds
> 4W              ; expire, seconds
> 1D )            ; minimum, seconds
>
> @       IN              NS      fw.j-son.org.
> @       IN              MX      10 fw.j-son.org.
> localhost   IN    A     127.0.0.1
> @           IN    A     22.33.44.55
>
> fw         IN     A     22.33.44.55
> ns         IN     A     22.33.44.55
> www             CNAME   fw.j-son.org.
> ftp             CNAME   fw.j-son.org.
> news            CNAME   fw.j-son.org.
>
>
> I'm sure it's not quite appropriate, I get a SERVFAIL but it's my
> starting point.
>
> chj at sparky:~$ dig fw.j-son.org
>
> ; <<>> DiG 9.2.0 <<>> fw.j-son.org
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 60031
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;fw.j-son.org.            IN    A
>
> ;; Query time: 529 msec
> ;; SERVER: 192.168.1.1#53(192.168.1.1)
> ;; WHEN: Wed Mar  6 10:02:35 2002
> ;; MSG SIZE  rcvd: 30
>
> chj at sparky:~$
>
> where sparky is a machine, also running Debian sparc-linux with bind9
> "as is".
>
> Any help is greatly appreciated, pointers to helpful information as
> well as direct help with setting my system up.
>
> One specific question I have is how do I get my nameserver to
> propagate its information to "all other" nameservers when I have
> updated the zone file?
>
>
> TIA,
>
> /ChJ
>
>
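
For the propagation question in the message above, one way to arrange the master side in named.conf, as an added example that is not part of the thread. The two addresses in the "secondaries" ACL are placeholders from the documentation range standing in for ns1.hn.org and aux1.hn.org, and the sketch assumes those servers are configured as slaves for j-son.org.

```conf
// Added example, not from the original post.
// 192.0.2.1 and 192.0.2.2 are placeholders (RFC 5737 documentation range);
// substitute the real addresses of ns1.hn.org and aux1.hn.org.
acl "secondaries" { 192.0.2.1; 192.0.2.2; };

options {
    directory "/var/cache/bind";

    // Recursive service stays limited to the inside network.
    allow-recursion { 192.168.1.0/24; localhost; };

    // allow-query in options applies to every zone that does not set
    // its own, so this default alone would also refuse outside queries
    // for j-son.org, including the secondaries' SOA refresh checks.
    allow-query { 192.168.1.0/24; localhost; };

    // No zone transfers unless a zone grants them explicitly.
    allow-transfer { none; };
};

zone "j-son.org" {
    type master;
    file "/etc/bind/j-son.org";

    // The authoritative zone has to answer anyone on the Internet.
    allow-query { any; };

    // Only the listed secondaries may pull a full copy of the zone.
    allow-transfer { secondaries; };

    // Send NOTIFY to the servers in the zone's NS records after a
    // reload with a higher SOA serial (yes is the default).
    notify yes;
};
```

NOTIFY goes to the servers named in the zone's NS records, so ns1.hn.org and aux1.hn.org need NS records in the zone file next to fw.j-son.org. The secondaries only transfer a new copy when the SOA serial has increased, so the serial has to be raised on every edit.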


