delegating subname.localdomain to 127.0.0.2 on the client machine?
Barry Margolin
barmar at alum.mit.edu
Sun Apr 25 17:27:30 UTC 2010
In article <mailman.1259.1272073959.21153.bind-users at lists.isc.org>,
Mark Hedges <hedges at scriptdolphin.com> wrote:
> On Wed, 21 Apr 2010, Barry Margolin wrote:
> > >
> > > The scenario is a farm of sendmail + RBL servers that
> > > have independent management and databases, but a single
> > > bind server. Sendmail etc. would do a lookup of
> > > 78.56.34.12.rbl.localdomain and it would look at
> > > localhost on 127.0.0.2, where the local RBL service
> > > listens.
> >
> > You need to run a caching nameserver on the sendmail
> > machines, and point them to 127.0.0.1 in /etc/resolv.conf.
> > The stub resolver doesn't follow delegations, it sends
> > recursive queries and expects the server to do all the
> > work.
>
> Actually this is not working still. Am I wasting my time?
>
> rbldnsd listens on 127.0.0.2 and answers right when queried
> directly for something like
> 1.139.214.85.countries.rbl.localdomain.
>
> named listens on 127.0.0.1, set in /etc/resolv.conf, and
> answers all other queries correctly, including
> 'horta.localdomain' set up in example below, so I know it is
> reading in the zone file.
>
> However, named will not delegate *.rbl.localdomain zones,
> and gives NXDOMAIN. Help? Thanks --mark--
You have an out-of-zone A record for rbl.localdomain. That may be
causing an error when loading the zone file.
>
> // named.conf
> acl "localdomain" {
> 127.0.0.0/8;
> };
> options {
> listen-on port 53 { 127.0.0.1; };
> // listen-on-v6 port 53 { ::1; };
> directory "/var/named";
> dump-file "/var/named/data/cache_dump.db";
> statistics-file "/var/named/data/named_stats.txt";
> memstatistics-file "/var/named/data/named_mem_stats.txt";
>
> // Those options should be used carefully because they disable port
> // randomization
> // query-source port 53;
> // query-source-v6 port 53;
>
> // our nameservers...
> forwarders { 192.168.9.86; 192.168.9.35; };
> allow-transfer { localdomain; };
> allow-recursion { localdomain; };
> allow-query { localdomain; };
> allow-query-cache { localdomain; };
> };
> logging {
> channel default_debug {
> file "data/named.run";
> severity debug;
> };
> };
> view localhost_resolver {
> match-clients { localdomain; };
> match-destinations { localdomain; };
> recursion yes;
> include "/etc/named.rfc1912.zones";
> };
>
> // named.rfc1912.zones excerpt:
> zone "localdomain" IN {
> type master;
> file "localdomain.zone";
> allow-update { none; };
> };
>
>
> # localdomain.zone
> $TTL 900
> @ IN SOA localhost root (
> 2010042302 ; serial
> 5m ; refresh
> 5m ; retry
> 30m ; expiry
> 5m ; minimum cache
> )
> IN NS localhost.localdomain.
> IN NS rbldnsd.localdomain.
>
> localhost IN A 127.0.0.1
>
> horta IN A 127.0.0.3
>
> ; delegate rbl zones to rbl localhost ip.
> ; rbl listens on 127.0.0.2 so this does not cause a lookup loop.
> rbldnsd IN A 127.0.0.2
> rbl.localdomain. IN NS rbldnsd.localdomain.
> rbl.localdomain. IN A 127.0.0.2
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
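
Added example (not part of the original thread, and not BIND's own checking logic): a small Python lint for the kind of record the reply points at. It flags owners that lie outside the zone origin and non-glue records at or below a delegation point, which the parent zone is not authoritative for. The sample zone is constructed, modelled on the quoted localdomain.zone with two extra illustrative records; the function names are hypothetical and the parser assumes one record per line.

```python
# Constructed sample modelled on the quoted localdomain.zone; last two records are extra.
SAMPLE_ZONE = """\
$TTL 900
@   IN SOA localhost root ( 2010042302 5m 5m 30m 5m )
    IN NS  localhost.localdomain.
rbldnsd   IN A 127.0.0.2
rbl.localdomain. IN NS rbldnsd.localdomain.
rbl.localdomain. IN A  127.0.0.2
countries.rbl    IN A  127.0.0.9
mail.example.    IN A  192.0.2.1
"""

def fqdn(name, origin):
    """Expand '@' and relative names against the origin (origin ends with a dot)."""
    if name == "@":
        return origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse_records(text, origin):
    """Yield (owner, rrtype, rdata_tokens); assumes one record per line."""
    owner = origin
    for raw in text.splitlines():
        tokens = raw.split(";", 1)[0].split()      # drop comments
        if not tokens or tokens[0].startswith("$"):
            continue
        if not raw[0].isspace():                   # leading blank: reuse previous owner
            owner = fqdn(tokens.pop(0), origin)
        while tokens and (tokens[0].upper() == "IN" or tokens[0][0].isdigit()):
            tokens.pop(0)                          # skip optional class and TTL
        if tokens and tokens[0].isalnum():
            yield owner, tokens[0].upper(), tokens[1:]

def lint_zone(text, origin):
    """Return (owner, rrtype, reason) for records the zone cannot serve itself."""
    origin = origin.lower()
    records = list(parse_records(text, origin))
    cuts = {}  # delegation point -> NS targets (their addresses are legitimate glue)
    for owner, rrtype, rdata in records:
        if rrtype == "NS" and owner != origin and rdata:
            cuts.setdefault(owner, set()).add(fqdn(rdata[0], origin))
    findings = []
    for owner, rrtype, _ in records:
        if owner != origin and not owner.endswith("." + origin):
            findings.append((owner, rrtype, "outside-origin"))
        for cut, targets in cuts.items():
            glue = rrtype in ("A", "AAAA") and owner in targets
            at_cut = owner == cut and rrtype not in ("NS", "DS")
            if (at_cut or owner.endswith("." + cut)) and not glue:
                findings.append((owner, rrtype, f"at-or-below-delegation {cut}"))
    return findings
```

Calling lint_zone(SAMPLE_ZONE, "localdomain.") reports the A record at rbl.localdomain., the record beneath it, and the mail.example. record, while the rbldnsd address record passes.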