Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 21st July 2006, 06:54
tjd tjd is offline
Member
 
Join Date: May 2006
Posts: 46
Thanks: 4
Thanked 2 Times in 1 Post
Default modify named.conf for no recursion options?

DNS check sites complain *LOUDLY* that the bind server is "open", so we need to put limits on recursion by including the appropriate options. Reintroducing the options {...<recursion ip here} syntax below the "manual additions here" line provided by ISPConfig is no good, as it "redefines options" and bind throws an error. Any edits above the line get overwritten. Where is the php configure library for named.conf text?

And to sneak one in, what do we do if our zone record serial numbers are out of wack between main ns and slave ns?
Reply With Quote
Sponsored Links
  #2  
Old 21st July 2006, 07:03
anoshi anoshi is offline
Junior Member
 
Join Date: Jul 2006
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default

classic - just came here to ask the same thing.

It's been bugging me for days!

Is there a template for named.conf which is used by ISP config for when it overwrites named.conf? If so, where is it located? I could manually modify this template to include the necessary allow-recursion entries
Reply With Quote
  #3  
Old 21st July 2006, 07:12
tjd tjd is offline
Member
 
Join Date: May 2006
Posts: 46
Thanks: 4
Thanked 2 Times in 1 Post
Default more on "open" dns servers

Seems like the file reqired is /root/ispconfig/isp/conf/named.conf.master.

The mods are:
put this above the options section
acl internal {
n.n.n.n/n;
};

put this at the bottom of the options section, before the last curly bracket:

options {
allow-recursion {
internal;
};

then, go to /etc/named.conf and make the same changes. This way they won't get overwritten.

Nothing seemed to break. At least it worked fr me. Oh yeah, make local file backups first.

Which leaves "how do we get zone records serial numbers to sync?"

And one more, "how come one of my zones keeps making a slave with one ns server, when there are cleary two in the ISPConfig interface?"

Last edited by tjd; 21st July 2006 at 07:15.
Reply With Quote
  #4  
Old 21st July 2006, 07:19
tjd tjd is offline
Member
 
Join Date: May 2006
Posts: 46
Thanks: 4
Thanked 2 Times in 1 Post
Default out of sync serials and a missing dns server

how do we get zone records to sync out of sync serial numbers?

also, we run our own servers, but one zone continually provides a slave with only one server listed

Have modified the sql record but it still does it.
Reply With Quote
  #5  
Old 21st July 2006, 07:29
anoshi anoshi is offline
Junior Member
 
Join Date: Jul 2006
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default

what's in tail /var/log/messages regarding your DNS setup when you do a restart of named? Anything look out of whack there? The notifies should be sent/received by the pri/sec.

and yeah, thanks for the named.conf template location, all good!

Last edited by anoshi; 21st July 2006 at 07:32.
Reply With Quote
  #6  
Old 21st July 2006, 08:16
tjd tjd is offline
Member
 
Join Date: May 2006
Posts: 46
Thanks: 4
Thanked 2 Times in 1 Post
 
Default out of synch admin brain

Doh! Don't be logged in as root when you want to force a dns tranfer to slave files....

blush
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 20:16.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.