setting up dns on solaris
pawright23
mr_scrolly at yahoo.com
Tue Nov 7 18:45:57 UTC 2006
> > Any chance you could help me out as to where A records go? Sorry for
> > the beginner question.
> >
> That's really a matter of personal preference or local convention,
> analogous to how you lay out your directory structure on a disk. Do you
> *want* all of the nodes to be under the test.mydomain.com subdirectory?
> That's fine. It's also fine if you want to put all of those records
> directly under mydomain.com. Either way works. I was only pointing out
> that your forward (A) records were out of sync with your reverse (PTR)
> records. That's almost always *not* what you want.
Oh I see, I will fix that now
> >
> >> 4. The one and only NS for mydomain.com refers to a host called
> >> "test.mydomain.com", but there is no A record associated with that name
> >>
> >
> > As above
> >
> Uh, just add an A record with that name to the relevant zone.
I see what you mean - just wasn't understanding how the PTR and A
records hung together but I think I get it now.
> >
> >> 5. nslookup is only suitable for casual DNS lookups, not for serious
> >> troubleshooting of DNS resolution problems. "dig" is a better choice for
> >> that. If you can't get dig working in the near-term, and are stuck using
> >> nslookup, at least turn on debugging so you can see what it's doing
> >> behind the scenes -- it often misreports errors and you can't really
> >> know what failed unless you have debugging on.
> >>
> >
> > Any chance you could let me know how to do this?
> >
> To do what? Run dig? You just invoke it like any other command. If you
> want to invoke it without an explicit pathname, however, you'll need to
> install it from the BIND distribution to some "well known" pathname.
>
> Or, are you looking for some help on what command-line arguments to use
> with dig?
Sorry I meant turn debugging on. I'll look at getting dig working too
though
Kevin Darcy wrote:
> pawright23 wrote:
> > Thanks for this Kevin
> >
> > In response:
> >
> >
> >> 1. You have "forward first" mode set but no forwarders defined (?) Not
> >> sure what the point of that is.
> >>
> >
> > Whoops! Fixed that now!
> >
> >
> >> 2. You're loading your reverse zone as 3.5.10.in-addr.arpa but the A
> >> records in your forward zone are all the 10.10.10.* range
> >>
> >
> > Fixed
> >
> >
> >> 3. Your PTR records all refer to names in the test.mydomain.com
> >> subdomain, but you have no A records in that subdomain
> >>
> >
> > Any chance you could help me out as to where A records go? Sorry for
> > the beginner question.
> >
> That's really a matter of personal preference or local convention,
> analogous to how you lay out your directory structure on a disk. Do you
> *want* all of the nodes to be under the test.mydomain.com subdirectory?
> That's fine. It's also fine if you want to put all of those records
> directly under mydomain.com. Either way works. I was only pointing out
> that your forward (A) records were out of sync with your reverse (PTR)
> records. That's almost always *not* what you want.
> >
> >> 4. The one and only NS for mydomain.com refers to a host called
> >> "test.mydomain.com", but there is no A record associated with that name
> >>
> >
> > As above
> >
> Uh, just add an A record with that name to the relevant zone.
> >
> >> 5. nslookup is only suitable for casual DNS lookups, not for serious
> >> troubleshooting of DNS resolution problems. "dig" is a better choice for
> >> that. If you can't get dig working in the near-term, and are stuck using
> >> nslookup, at least turn on debugging so you can see what it's doing
> >> behind the scenes -- it often misreports errors and you can't really
> >> know what failed unless you have debugging on.
> >>
> >
> > Any chance you could let me know how to do this?
> >
> To do what? Run dig? You just invoke it like any other command. If you
> want to invoke it without an explicit pathname, however, you'll need to
> install it from the BIND distribution to some "well known" pathname.
>
> Or, are you looking for some help on what command-line arguments to use
> with dig?
>
>
> - Kevin
>
> >
> > Kevin Darcy wrote:
> >
> >> 1. You have "forward first" mode set but no forwarders defined (?) Not
> >> sure what the point of that is.
> >> 2. You're loading your reverse zone as 3.5.10.in-addr.arpa but the A
> >> records in your forward zone are all the 10.10.10.* range
> >> 3. Your PTR records all refer to names in the test.mydomain.com
> >> subdomain, but you have no A records in that subdomain
> >> 4. The one and only NS for mydomain.com refers to a host called
> >> "test.mydomain.com", but there is no A record associated with that name
> >> 5. nslookup is only suitable for casual DNS lookups, not for serious
> >> troubleshooting of DNS resolution problems. "dig" is a better choice for
> >> that. If you can't get dig working in the near-term, and are stuck using
> >> nslookup, at least turn on debugging so you can see what it's doing
> >> behind the scenes -- it often misreports errors and you can't really
> >> know what failed unless you have debugging on.
> >>
> >>
> >> - Kevin
> >>
> >>
> >> pawright23 wrote:
> >>
> >>> Hi,
> >>>
> >>> I wonder if anyone can help me with a setup issue I am having with a
> >>> standalone DNS server. I am quite new to this so any help would be
> >>> appreciated.
> >>>
> >>> I have installed BIND 8.4.6 on a Solaris 9 server and configured as
> >>> follows:
> >>>
> >>> created /usr/local/etc/named.conf
> >>>
> >>> #// This is a configuration file for named (from BIND 8.1 or later).
> >>>
> >>> #// It would normally be installed as /etc/named.conf.
> >>>
> >>> #
> >>> #
> >>>
> >>> options { directory "/var/named";
> >>>
> >>> };
> >>>
> >>> forward first;
> >>>
> >>> };
> >>>
> >>> zone "." {
> >>>
> >>> type hint;
> >>>
> >>> file "named.ca";
> >>>
> >>> };
> >>>
> >>>
> >>>
> >>> zone "mydomain.com" {
> >>> type master;
> >>>
> >>> file "private.hosts";
> >>>
> >>> };
> >>>
> >>>
> >>>
> >>> zone "3.5.10.in-addr.arpa." {
> >>>
> >>> type master;
> >>>
> >>> file "private.rev";
> >>>
> >>> };
> >>>
> >>>
> >>>
> >>> zone "0.0.127.in-addr.arpa." {
> >>>
> >>> type master;
> >>>
> >>> file "private.local";
> >>>
> >>>
> >>> created /var/named/named.ca
> >>>
> >>> ; This file holds the information on root name servers needed to
> >>>
> >>> ; initialize cache of Internet domain name servers
> >>>
> >>> ; (e.g. reference this file in the "cache . <file>"
> >>>
> >>> ; configuration file of BIND domain name servers).
> >>>
> >>> ;
> >>>
> >>> ; This file is made available by InterNIC
> >>>
> >>> ; under anonymous FTP as
> >>>
> >>> ; file /domain/named.root
> >>>
> >>> ; on server FTP.INTERNIC.NET
> >>>
> >>> ; -OR- RS.INTERNIC.NET
> >>>
> >>> ;
> >>>
> >>> ; last update: Jan 29, 2004
> >>>
> >>> ; related version of root zone: 2004012900
> >>>
> >>> ;
> >>>
> >>> ;
> >>>
> >>> ; formerly NS.INTERNIC.NET
> >>>
> >>> ;
> >>>
> >>> . 3600000 IN NS A.ROOT-SERVERS.NET.
> >>>
> >>> A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
> >>>
> >>> ;
> >>>
> >>> ; formerly NS1.ISI.EDU
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS B.ROOT-SERVERS.NET.
> >>>
> >>> B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
> >>>
> >>> ;
> >>>
> >>> ; formerly C.PSI.NET
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS C.ROOT-SERVERS.NET.
> >>>
> >>> C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
> >>>
> >>> ;
> >>>
> >>> ; formerly TERP.UMD.EDU
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS D.ROOT-SERVERS.NET.
> >>>
> >>> D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
> >>>
> >>> ;
> >>>
> >>> ; formerly NS.NASA.GOV
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS E.ROOT-SERVERS.NET.
> >>>
> >>> E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
> >>>
> >>> ;
> >>>
> >>> ; formerly NS.ISC.ORG
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS F.ROOT-SERVERS.NET.
> >>>
> >>> F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
> >>>
> >>> ;
> >>>
> >>> ; formerly NS.NIC.DDN.MIL
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS G.ROOT-SERVERS.NET.
> >>>
> >>> G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
> >>>
> >>> ;
> >>>
> >>> ; formerly AOS.ARL.ARMY.MIL
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS H.ROOT-SERVERS.NET.
> >>>
> >>> H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
> >>>
> >>> ;
> >>>
> >>> ; formerly NIC.NORDU.NET
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS I.ROOT-SERVERS.NET.
> >>>
> >>> I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
> >>>
> >>> ;
> >>>
> >>> ; operated by VeriSign, Inc.
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS J.ROOT-SERVERS.NET.
> >>>
> >>> J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
> >>>
> >>> ;
> >>>
> >>> ; operated by RIPE NCC
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS K.ROOT-SERVERS.NET.
> >>>
> >>> K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
> >>>
> >>> ;
> >>>
> >>> ; operated by ICANN
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS L.ROOT-SERVERS.NET.
> >>>
> >>> L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
> >>>
> >>> ;
> >>>
> >>> ; operated by WIDE
> >>>
> >>> ;
> >>>
> >>> . 3600000 NS M.ROOT-SERVERS.NET.
> >>>
> >>> M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
> >>>
> >>>
> >>> created /var/named/private.hosts
> >>>
> >>> ;
> >>>
> >>> ; Hosts file for domain mydomain.com.
> >>> ;
> >>>
> >>> ;name ttl class type data
> >>>
> >>> ;
> >>>
> >>> ; Source of authority
> >>>
> >>> @ IN SOA test.mydomain.com. root.test.mydomain.com. (
> >>> 2000050201 ; Serial
> >>>
> >>> 10800 ; Refresh - 3 hours
> >>>
> >>> 3600 ; Retry - 1 hour
> >>>
> >>> 432000 ; Expire - 1 week
> >>>
> >>> 86400) ; Minimum - 1 day
> >>>
> >>> IN NS test.mydomain.com.
> >>> ;
> >>>
> >>> ; Machines for the test.mydomain.com domain
> >>> ;
> >>>
> >>> ;name ttl class type data
> >>>
> >>> localhost IN A 127.0.0.1
> >>>
> >>> host1 IN A 10.10.10.11
> >>>
> >>> host2 IN A 10.10.10.12
> >>>
> >>> created /var/named/private.rev
> >>>
> >>> ;
> >>>
> >>> ; Reverse address file for mydomain.com
> >>> ;
> >>>
> >>> ;name ttl class type data
> >>>
> >>> ;
> >>>
> >>> ; Source of authority
> >>>
> >>> @ IN SOA test.mydomain.com. root.test.mydomain.com. (
> >>> 2000050201 ; Serial
> >>>
> >>> 10800 ; Refresh - 3 hours
> >>>
> >>> 3600 ; Retry - 1 hour
> >>>
> >>> 432000 ; Expire - 1 week
> >>>
> >>> 86400) ; Minimum - 1 day
> >>>
> >>> IN NS test.mydomain.com.
> >>> ;
> >>>
> >>> ; Machines names
> >>>
> >>> ;
> >>>
> >>> ;name ttl class type data
> >>>
> >>> 11 IN PTR host1.test.mydomain.com.
> >>> 12 IN PTR host2.test.mydomain.com.
> >>>
> >>> created /var/named/private.local
> >>>
> >>> ;
> >>>
> >>> ; Reverse address file for localhost
> >>>
> >>> ;
> >>>
> >>> ;name ttl class type data
> >>>
> >>> ;
> >>>
> >>> ; Source of authority
> >>>
> >>> @ IN SOA test.mydomain.com. root.test.mydomain.com. (
> >>> 2000050201 ; Serial
> >>>
> >>> 10800 ; Refresh - 3 hours
> >>>
> >>> 3600 ; Retry - 1 hour
> >>>
> >>> 432000 ; Expire - 1 week
> >>>
> >>> 86400) ; Minimum - 1 day
> >>>
> >>> IN NS test.mydomain.com.
> >>> ;
> >>>
> >>> ; Machines names
> >>>
> >>> ;
> >>>
> >>> ;name ttl class type data
> >>>
> >>> 1 IN PTR localhost.
> >>>
> >>>
> >>> then started the named daemon with:
> >>>
> >>> # /usr/local/etc/named.conf
> >>>
> >>> and nslookups don't work!
> >>>
> >>> Can anyone offer any insight? (I'm not really understanding how these
> >>> SOA entries work - could they be messed up as I've just stuck some
> >>> arbitrary values in there based on a template I saw?) Do all your host
> >>> resolutions go in the private.hosts and private.rev files?
> >>>
> >>> Many thanks
> >>>
> >>> Pete
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >
> >
> >
> >
> >
> >
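A consistency check for three of the problems listed in the thread (A records outside the loaded reverse zone, PTR targets with no A record, an NS target with no A record), as an added example that is not part of the original messages. The `parse` and `check` helpers are hypothetical names, the parser only handles the simple `name IN TYPE data` lines seen in the posted zone files, and NS targets are assumed to live inside the forward zone.

```python
import ipaddress

# Constructed sample: the record lines from the zone files quoted in the thread.
FWD_ORIGIN, REV_ORIGIN = "mydomain.com.", "3.5.10.in-addr.arpa."
FWD_ZONE = """\
@          IN NS  test.mydomain.com.
localhost  IN A   127.0.0.1
host1      IN A   10.10.10.11
host2      IN A   10.10.10.12
"""
REV_ZONE = """\
11  IN PTR  host1.test.mydomain.com.
12  IN PTR  host2.test.mydomain.com.
"""

def parse(text, origin):
    """Yield (owner, type, data) tuples with owner names made absolute."""
    for line in text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) != 4 or fields[1] != "IN":
            continue  # SOA, blank and comment lines are out of scope here
        owner, _, rtype, data = fields
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = owner + "." + origin
        yield owner.lower(), rtype.upper(), data.lower()

def check(fwd_text, fwd_origin, rev_text, rev_origin):
    """List (problem, name) pairs for the mismatches raised in the thread."""
    fwd, rev = list(parse(fwd_text, fwd_origin)), list(parse(rev_text, rev_origin))
    a_recs = {(o, d) for o, t, d in fwd if t == "A"}
    a_names = {o for o, _ in a_recs}
    ptrs = {(o, d) for o, t, d in rev if t == "PTR"}
    problems = []
    for name, addr in sorted(a_recs):
        ip = ipaddress.ip_address(addr)
        if ip.is_loopback:
            continue  # 127.0.0.1 is served from its own reverse zone
        rname = ip.reverse_pointer + "."
        if not rname.endswith("." + rev_origin.lower()):
            problems.append(("a-outside-reverse-zone", name))
        elif (rname, name) not in ptrs:
            problems.append(("a-without-ptr", name))
    problems += [("ptr-without-a", d) for _, d in sorted(ptrs) if d not in a_names]
    problems += [("ns-without-a", d) for _, t, d in fwd if t == "NS" and d not in a_names]
    return problems

print(check(FWD_ZONE, FWD_ORIGIN, REV_ZONE, REV_ORIGIN))
```

An empty list means every non-loopback A record has a matching PTR in the loaded reverse zone and every PTR and NS target resolves to an A record.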
More information about the bind-users mailing list