[olug] Bind 9

Quinn Coldiron qcoldir at nmhs.org
Thu Apr 10 19:34:24 UTC 2003


Here is my named.conf.  I see the allow part in the controls area, but I
don't understand the docs that I've been reading on configuring that.

// Config file for caching only name server
//
// The version of the HOWTO you read may contain leading spaces
// (spaces in front of the characters on these lines ) in this and
// other files.  You must remove them for things to work.
//
// Note that the filenames and directory names may differ, the
// ultimate contents of should be quite similar though.

options {
        directory "/var/named";

        // Uncommenting this might help if you have to go through a
        // firewall and things are not working out.  But you probably
        // need to talk to your firewall admin.

        // query-source port 53;
};

controls {
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

key "rndc_key" {
        algorithm hmac-md5;
        secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
};

zone "." {
        type hint;
        file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};

zone "nmhs.org" {
        type master;
        notify no;
        file "pz/nmhs.org";
};


On Thu, 2003-04-10 at 14:17, Phil Brutsche wrote:
> A long time ago, in a galaxy far, far away, someone said...
> 
> > I've got a Bind 9 server I'm setting up on RH.  So far, the zone and
> > everything looks good and works when querying from the localhost, but
> > other boxes can query the server.
> >
> > I'm following the DNS howto as much as possible.  Anything I should know
> > that's special about Bind 9?
> 
> It's pickier about zone files than BIND 8, but other than that no.
> 
> RH may have set some defaults to allow only localhost to make queries.
> There may also be some sort of firewall configuration.
> 
> Look for some line that might look something like one of these in
> named.conf:
> 
> allow-query { 127.0.0.1; };
> allow-recursion { 127.0.0.1; };
> listen-on { 127.0.0.1; };
> 
> Grepping /var/log/messages for references to named may shed light on the
> situation.
> 
> Posting the options section of the config file, if you can, will help as
> well.
-- 

-----------------------------
Quinn P. Coldiron
Cerner Technical Coordinator
Nebraska Methodist Hospital
402-354-1619
qcoldir at nmhs.org
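
The check suggested in the quoted reply, as an added example that is not part of the original thread: this Python sketch strips comments from a named.conf and reports whether allow-query, allow-recursion or listen-on is set and limited to loopback. The `allow { localhost; }` inside `controls` restricts only the rndc control channel, so it is deliberately not matched. The function names and the RESTRICTED sample are constructed for illustration, and nested address-match lists are not handled.

```python
import re

DIRECTIVES = ("allow-query", "allow-recursion", "listen-on")  # named in the reply
LOOPBACK = {"127.0.0.1", "::1", "localhost"}
_COMMENT_OR_STRING = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_DIRECTIVE = re.compile(
    r'(?<![\w-])(' + "|".join(DIRECTIVES) + r')(?![\w-])[^{};]*\{([^{}]*)\}')

def strip_comments(conf):
    """Blank out //, # and /* */ comments; quoted strings are kept as-is."""
    return _COMMENT_OR_STRING.sub(
        lambda m: m.group(0) if m.group(0).startswith('"') else " ", conf)

def find_restrictions(conf):
    """Return (directive, elements, loopback_only) for each directive found."""
    found = []
    for m in _DIRECTIVE.finditer(strip_comments(conf)):
        elems = [e.strip() for e in m.group(2).split(";") if e.strip()]
        found.append((m.group(1), elems, bool(elems) and set(elems) <= LOOPBACK))
    return found

def diagnose(conf):
    """Map each directive to 'not set', 'loopback only' or its address list."""
    report = dict.fromkeys(DIRECTIVES, "not set")
    for name, elems, loopback_only in find_restrictions(conf):
        report[name] = "loopback only" if loopback_only else "; ".join(elems)
    return report

# Posted config, abridged: options and controls blocks only.
POSTED = '''
options {
        directory "/var/named";
};
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};
'''

# Constructed sample: the restrictive lines the reply says to look for.
RESTRICTED = '''
options {
        allow-query { 127.0.0.1; };
        // allow-recursion { any; };
        listen-on port 53 { 127.0.0.1; };
};
'''

if __name__ == "__main__":
    print(diagnose(POSTED), diagnose(RESTRICTED), sep="\n")
```

On the posted config all three directives come back "not set", so none of them appears in the file as posted.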