#1
18th July 2006, 09:27
unkn0wn
bind9 and view

I want to know if I am following the right track.
I did apt-get bind9 dns-utils and wrote my own named.conf:

Code:


include "/etc/bind/named.conf.options";


logging{
  channel simple_log {
    file "/var/log/named/bind.log" versions 3 size 5m;
    severity warning;
    print-time yes;
    print-severity yes;
    print-category yes;
  };
  category default{
    simple_log;
  };
};



zone "." {
type hint;
file "/etc/bind/db.root";
};



zone "localhost" {
type master;
file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};



// internal clients: recursion allowed, internal zone data
view "trusted" {
  match-clients { 192.168.23.0/24; };
  recursion yes;
  zone "garden.com" {
    type master;
    file "/etc/bind/db.garden.com-int.";
  };
};

// everyone else: no recursion, public zone data
view "badguys" {
  match-clients { "any"; };
  recursion no;
  zone "garden.com" {
    type master;
    // public hosts
    file "/etc/bind/db.garden.com-ext";
  };
  // add required zones
};

include "/etc/bind/named.conf.local";

I want to split the internal and external networks.
Is this good syntax?
Can I add notify or some other clause?

After that I write the zones, one external with the public IP and one internal with the internal IP.

I just want to know, before I test whether it works: is that named.conf OK?

#2
19th July 2006, 02:20
unkn0wn

It's said that all zones should be in a view statement.
???

#3
19th July 2006, 12:54
falko

Did you have a look here? http://www.howtoforge.com/two_in_one_dns_bind9_views

Quote:
Originally Posted by unkn0wn
It's said that all zones should be in a view statement.
???
Any error messages?

#4
19th July 2006, 15:07
unkn0wn

I looked at that but I don't understand.
Must I copy all zones to the "trusted" part?

Is this correct?

Code:
// internal clients: recursion allowed, all zones inside the view
view "trusted" {
  match-clients { 192.168.23.0/24; };
  recursion yes;

  zone "garden.com" {
    type master;
    file "/etc/bind/db.garden-int.com";
  };

  zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
  };

  zone "." {
    type hint;
    file "/etc/bind/db.root";
  };

  zone "localhost" {
    type master;
    file "/etc/bind/db.local";
  };

  zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
  };
};

// everyone else: no recursion, external zone data only
view "badguys" {
  match-clients { "any"; };
  recursion no;

  zone "garden.com" {
    type master;
    file "/etc/bind/db.garden-ext.com";
  };
};
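
As an added example (not part of the thread and not BIND's own tooling), the Python scanner below checks the rule raised in post #2, that once a view exists every zone must sit inside one, along with the unclosed quotes and unbalanced braces of the kind seen in the first draft. The function name `check_views` and both sample configs are constructed for illustration.

```python
import re

# Tokens: quoted string, brace, semicolon, bare word, or a lone unclosed '"'.
TOKEN = re.compile(r'"[^"\n]*"|[{};]|[^\s{};"]+|"')
COMMENT = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)

def check_views(conf):
    """Return a list of layout problems; an empty list means none were found."""
    problems, stray, views = [], [], []
    depth, in_view = 0, False
    tokens = TOKEN.findall(COMMENT.sub("", conf))
    for i, tok in enumerate(tokens):
        if tok == '"':
            problems.append("unterminated quoted string")
        elif tok == "{":
            depth += 1
        elif tok == "}":
            depth -= 1
            if depth < 0:
                problems.append("unmatched closing brace")
                depth = 0
            if depth == 0:
                in_view = False          # a view ends when its block closes
        elif depth == 0 and tok == "view" and i + 1 < len(tokens):
            in_view = True
            views.append(tokens[i + 1].strip('"'))
        elif depth == 0 and tok == "zone" and not in_view and i + 1 < len(tokens):
            stray.append(tokens[i + 1].strip('"'))
    if depth:
        problems.append("unbalanced braces at end of file")
    if views and stray:                  # the rule quoted in post #2
        problems.append("zones outside any view: " + ", ".join(stray))
    return problems

# Constructed samples modelled on the thread's two layouts (not the poster's files).
ROOT = 'zone "." { type hint; file "/etc/bind/db.root"; };\n'
VIEWS = '''view "trusted" {
  match-clients { 192.168.23.0/24; };
  %s  zone "garden.com" { type master; file "/etc/bind/db.garden-int.com"; };
};
view "badguys" {
  match-clients { "any"; };
  zone "garden.com" { type master; file "/etc/bind/db.garden-ext.com"; };
};
'''
BEFORE = ROOT + VIEWS % ""   # hint zone at top level, as in post #1
AFTER = VIEWS % ROOT         # hint zone moved into a view, as in post #4
if __name__ == "__main__":
    print(check_views(BEFORE), check_views(AFTER))
```

For a real configuration, BIND's own `named-checkconf` is the authoritative check; this scanner only illustrates the layout rule.
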
#5
20th July 2006, 12:28
falko

Looks ok. Did you test it?

#6
20th July 2006, 12:34
unkn0wn

I tested it, but when I use this config the client could not reach DNS.
omg .......
Any suggestions?

#7
20th July 2006, 13:10
falko

Anything in your logs? Is port 53 (TCP and UDP) open in your firewall?
What's the output of
Code:
netstat -tap
?

#8
21st July 2006, 13:53
unkn0wn

axe:~# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:tcpmux *:* LISTEN 21976/portsentry
tcp 0 0 *:20034 *:* LISTEN 21976/portsentry
tcp 0 0 *:32771 *:* LISTEN 21976/portsentry
tcp 0 0 *:32772 *:* LISTEN 21976/portsentry
tcp 0 0 *:40421 *:* LISTEN 21976/portsentry
tcp 0 0 *:32773 *:* LISTEN 21976/portsentry
tcp 0 0 *:32774 *:* LISTEN 21976/portsentry
tcp 0 0 *:31337 *:* LISTEN 21976/portsentry
tcp 0 0 localhost.localdo:mysql *:* LISTEN 30171/mysqld
tcp 0 0 *:ircd *:* LISTEN 21976/portsentry
tcp 0 0 *:systat *:* LISTEN 21976/portsentry
tcp 0 0 *:pop3 *:* LISTEN 1542/dovecot
tcp 0 0 *:5742 *:* LISTEN 21976/portsentry
tcp 0 0 *:imap2 *:* LISTEN 21976/portsentry
tcp 0 0 *:sunrpc *:* LISTEN 21976/portsentry
tcp 0 0 *:finger *:* LISTEN 21976/portsentry
tcp 0 0 *:netstat *:* LISTEN 21976/portsentry
tcp 0 0 *:54320 *:* LISTEN 21976/portsentry
tcp 0 0 *:sieve *:* LISTEN 21976/portsentry
tcp 0 0 *:10000 *:* LISTEN 26918/perl
tcp 0 0 *:27665 *:* LISTEN 21976/portsentry
tcp 0 0 *:ingreslock *:* LISTEN 21976/portsentry
tcp 0 0 192.168.200.1:domain *:* LISTEN 11985/named
tcp 0 0 localhost.locald:domain *:* LISTEN 11985/named
tcp 0 0 *:ftp *:* LISTEN 21976/portsentry
tcp 0 0 *:ssh *:* LISTEN 21976/portsentry
tcp 0 0 *:nntp *:* LISTEN 21976/portsentry
tcp 0 0 *:telnet *:* LISTEN 21976/portsentry
tcp 0 0 *:socks *:* LISTEN 21976/portsentry
tcp 0 0 *:smtp *:* LISTEN 11231/master
tcp 0 0 *:12345 *:* LISTEN 21976/portsentry
tcp 0 0 *:12346 *:* LISTEN 21976/portsentry
tcp 0 0 *:635 *:* LISTEN 21976/portsentry
tcp 0 0 *:49724 *:* LISTEN 21976/portsentry
tcp 0 0 *:uucp *:* LISTEN 21976/portsentry
tcp 0 0 localhost.localdom:2525 *:* LISTEN 3439/gld
tcp 0 0 *:prospero *:* LISTEN 31411/pure-ftpd (SE
tcp 0 0 localhost.localdo:mysql localhost.localdo:42270 ESTABLISHED30171/mysqld
tcp 0 0 localhost.localdo:42270 localhost.localdo:mysql ESTABLISHED7913/dovecot-auth
tcp6 0 0 *:2021 *:* LISTEN 20199/sshd
tcp6 0 0 *:2022 *:* LISTEN 20199/sshd
tcp6 0 0 *:2222 *:* LISTEN 20199/sshd
tcp6 0 0 *:www *:* LISTEN 1048/apache2
tcp6 0 0 *:https *:* LISTEN 1048/apache2
tcp6 0 0 *:prospero *:* LISTEN 31411/pure-ftpd (SE
tcp6 0 4712 ::ffff:192.168.200:2222 ::ffff:212.62.46.9:3101 ESTABLISHED6025/0

#9
22nd July 2006, 15:50
falko

Ok, BIND is running...
Anything in your logs? Is port 53 (TCP and UDP) open in your firewall?