[olug] Bind 9

Thu Apr 10 19:44:03 UTC 2003

I just tried changing it to this and it still doesn't work:

// Config file for caching only name server
//
// The version of the HOWTO you read may contain leading spaces
// (spaces in front of the characters on these lines ) in this and
// other files.  You must remove them for things to work.
//
// Note that the filenames and directory names may differ, the
// ultimate contents of should be quite similar though.

options {
        directory "/var/named";

	allow-query { any; };

        // Uncommenting this might help if you have to go through a
        // firewall and things are not working out.  But you probably
        // need to talk to your firewall admin.

        // query-source port 53;
};

zone "." {
        type hint;
        file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
	allow-query { any; };
};

zone "nmhs.org"{
	type master;
	notify no;
	file "pz/nmhs.org";
	allow-query { any; };
};

On Thu, 2003-04-10 at 14:34, Quinn Coldiron wrote:
> here is my named.conf.  I see the allow part in the controls area, but I
> don't understand the docs that I've been reading on configuring that.
> 
> 
> 
> 
> 
> 
> // Config file for caching only name server
> //
> // The version of the HOWTO you read may contain leading spaces
> // (spaces in front of the characters on these lines ) in this and
> // other files.  You must remove them for things to work.
> //
> // Note that the filenames and directory names may differ, the
> // ultimate contents of should be quite similar though.
> 
> options {
>         directory "/var/named";
> 
>         // Uncommenting this might help if you have to go through a
>         // firewall and things are not working out.  But you probably
>         // need to talk to your firewall admin.
> 
>         // query-source port 53;
> };
> 
> controls {
>         inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
> };
> 
> key "rndc_key" {
>         algorithm hmac-md5;
>         secret
> "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
> };
> 
> zone "." {
>         type hint;
>         file "root.hints";
> };
> 
> zone "0.0.127.in-addr.arpa" {
>         type master;
>         file "pz/127.0.0";
> };
> 
> zone "nmhs.org"{
> 	type master;
> 	notify no;
> 	file "pz/nmhs.org";
> };
> 
> 
> 
> 
> 
> 
> 
> On Thu, 2003-04-10 at 14:17, Phil Brutsche wrote:
> > A long time ago, in a galaxy far, far way, someone said...
> > 
> > > I've got a Bind 9 server I'm setting up on RH.  So far, the zone and
> > > everything looks good and works when querying from the localhost, but
> > > other boxes can query the server.
> > >
> > > I'm following the DNS howto as much as possible.  Anything I should know
> > > that's special about Bind 9?
> > 
> > It's pickier about zone files than BIND 8, but other than that no.
> > 
> > RH may have set some defaults to allow only localhost to make queries.
> > There may also be some sort of firewall configuration.
> > 
> > Look for some line that might look something like one of these in
> > named.conf:
> > 
> > allow-query { 127.0.0.1; };
> > allow-recursion { 127.0.0.1; };
> > listen-on { 127.0.0.1; };
> > 
> > Grepping /var/log/messages for references to named may shed light on the
> > situation.
> > 
> > Posting the options section of the config file, if you can, will help as
> > well.
-- 

-----------------------------
Quinn P. Coldiron
Cerner Technical Coordinator
Nebraska Methodist Hospital
402-354-1619
qcoldir at nmhs.org