Req: Total beginners help - Win Q.

Sat Dec 17 19:04:47 UTC 2005

Kevin Darcy wrote:
> Techie wrote:
>
> >Ok, this is about a setup on a windows box for the prupose of learning from
> >scratch. I better say that flat out from the beginning not to offend anyone
> >since I have noticed it's happend far to easily before.
> >
> >Hence, I am here to learn. Not to step on peoples toes, and if that is to
> >much, then I'm sorry but I not only want to learn, but I also have to
> >learn.
> >
> >We all learn by different methods and I learn by taking an example and
> >breaking it own. Not by building an example from scratch without knowing
> >what I'm doing.
> >
> >Thus I am asking anyone willing to put about 15 minutes of effort in, to
> >show me how to do this, so I can get something that may actually work, to
> >bounce around with on my own.
> >
> >I have been told off before, because I am using a Win box to set this up
> >and play around with. I have been told by some in my city that they want
> >£1,000 to set up a box for me doing just what I outline below. (Some
> >horrendus people, but I guess it's their idea of making a living.)
> >
> >What I simply need, to get in to this, may seem ridiculous to some, but
> >hey, it's my way of learning, and if we where all the same, it would be a
> >boring world to live in.
> >
> >Enough of the appologetics and to the study case of mine...
> >
> >This whole thing assumes I have run the installer on my XP can used for
> >studies of any kind. It's not a distribution example but just for practical
> >training anyway.
> >
> >What I plan to achive:    	A Master (primary) DNS server setup
> >
> >All names, zones and IP's are of course fictitious and for training
> >purposes only.
> >
> >-----
> >
> >There are two domains.
> >
> >    MYMAINDOMAIN.COM
> >    SECONDDOMAIN.COM
> >
> >    MYDOMAIN.COM has the following structure
> >
> >        NS1.MYDOMAIN.COM        on    99.99.99.1
> >        NS2.MYDOMAIN.COM        on    99.99.99.2
> >        MAIL.MYDOMAIN.COM       on    99.99.99.1
> >        MAIL2.MYDOMAIN.COM      on    99.99.99.2
> >        MYDOMAIN.COM            on    99.99.99.1
> >        FTP.MYDOMAIN.COM        on    99.99.99.1
> >
> >Of course, www.mydomain.com should also go to 99.99.99.1
> >The primary and secondary NS servers are self evident in this case.
> >I would also need a sample of the reverse lookup file for 1.99.99.99.in-
> >addr-arpa and 2.99.99.99.in-addr-arpa as well.
> >
> >There is also the SPF record to consider.
> >
> >    	"v=spf1 a mx ip4:99.99.99.1 ip4:99.99.99.2"
> >
> >
> >Now, the second domain have the following structure.
> >
> >    	SECONDDOMAIN.COM is also located on 99.99.99.1
> >
> >Subsequently www.SECONDDOMAIN.COM is there too.
> >
> >    	FTP. SECONDDOMAIN.COM is also on 99.99.99.1
> >
> >    	MAIL. SECONDDOMAIN.COM		on	99.99.99.1
> >    	MAIL2. SECONDDOMAIN.COM		on	99.99.99.2
> >
> >The primary and secondary NS for this SECONDDOMAIN.COM is
> >
> >    	NS1.MYDOMAIN.COM and NS2.MYDOMAIN.COM.
> >
> >Also here is the SPF record to consider.
> >
> >    	"v=spf1 a mx ip4:99.99.99.1 ip4:99.99.99.2"
> >
> >
> >----
> >
> >Enough about the outline.
> >
> >Could some kind soul please show me the contents and formatting of the
> >required files, and the named.conf file needed to start BIND 9.3.1
> >successfully, then I'll be out of everyones hair playing around by myself
> >until I know what I'm doing.
> >
> Since SPF is the most "exceptional" part of your requirements, I spent a
> few minutes with Google looking for an example of a whole zone file that
> included SPF records, and turned up the following:
> http://spf.idimo.com/how_to-s/how_to_set_up_SPF.html
>
> As for named.conf, a simplistic config would be:
>
> options {
>     directory "/var/named";
>     recursion no;
> };
>
> zone "example.com" {
>     type master;
>     file "example.com";
> };
>
> When I say "simplistic", I *really* mean simplistic. This doesn't
> configure anything to do with logging, controls (i.e. the ability to
> control the operation of the nameserver process via the "rndc" command;
> because nothing has been defined for "controls", named will try on every
> restart to set up the rndc control channel using default parameters, and
> complain in the logs when that fails), and the only security measure
> here is "recursion no", which disables named's capability to go out and
> resolve names from other nameservers (therefore this config would be
> useless for allowing your nameserver to resolve Internet DNS for local
> clients). You'd really need to customize this in order to make it "ready
> for the world", but to do a decent job of that, you'd need to understand
> some of the underlying theory of DNS and some configuration basics of
> the BIND implementation. The usual recommendation around here for
> learning about both the theory and practice of DNS and BIND is the
> _DNS_and_BIND_ book from O'Reilly. It's considered the "bible" on the
> subject...
>
>
>                                              - Kevin

Techie-

Would you be willing to post what you've been using that failed?
Although I'm not positive, I think that 1069 error is security related
and may actually not be related to your configuration at all.

-Tony