Thanks
On 10/03/2013 11:39 PM, Steven Carr wrote:
So the reason it's failing is because you don't have a view configured
for the zones contained in /etc/bind/named.conf.default-
zones. If you implement views then all zones must be added to a view.
Edit the /etc/bind/named.conf.default-zones file and insert in the
view statements e.g.
view "internal" {
at the top of the file and an extra closing bracket at the bottom
};
Steve
On 3 October 2013 22:06, Paweł Ch.<pch0...@gmail.com> wrote:
When I copy named.conf.default-zones inside "dmz" view in named.conf.local
then named started but is problem with requested other zone than
authoritative for this server:
Served by:
- M.ROOT-SERVERS.NET
- A.ROOT-SERVERS.NET
.
.
it is ok?
My conf file are:
# cat named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in
/etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
------------------------------------------------------------------------------
# cat named.conf.options
acl dmz { 10.0.0.0/24; };
options {
allow-query { any; };
allow-query-cache { any; };
directory "/var/cache/bind";
notify no;
recursion no;
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
rrset-order {
class IN type A name "aaaaaaaaaaaaa" order fixed;
class IN type A name "aaaaaaaaaaaaa" order fixed;
class IN type A name "aaaaaaaaaaaaa" order fixed;
class IN type A name "aaaaaaaaaaaaa" order fixed;
};
};
logging {
channel update_debug {
file "/var/log/update_debug.log" versions 3 size 100k;
severity debug;
print-severity yes;
print-time yes;
};
channel security_info {
file "/var/log/security_info.log" versions 1 size 100k;
severity info;
print-severity yes;
print-time yes;
};
channel bind_log {
file "/var/log/bind.log" versions 3 size 1m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category default { bind_log; };
category lame-servers { null; };
category update { update_debug; };
category update-security { update_debug; };
category security { security_info; };
};
------------------------------------------------------------------------------
# cat named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
view "dmz" {
zone "aaaaaaaaaaaaa"
{
type master;
file "/etc/bind/db.aaaaaaaaaaaaa";
allow-query { any; };
allow-transfer { a.a.a.a; a.a.a.a; };
};
.
.
output ommited
.
.
zone "aaaaaaaaaaaaa"
{
type master;
file "/etc/bind/db.aaaaaaaaaaaaa";
allow-query { any; };
allow-transfer { a.a.a.a; a.a.a.a; };
};
};
------------------------------------------------------------------------------
# cat named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
On 3 October 2013 19:55, Steven Carr<sjc...@gmail.com> wrote:
Please post your full named.conf config file (you can obfuscate any
sensitive information).
Steve
On 3 October 2013 18:53, Paweł Ch.<pch0...@gmail.com> wrote:
Hi list
I have problem with views in bind9 on debian 6. I configured server like
here https://wiki.debian.org/Bind9 and it works. When i add entry: view
"dmz" { match-clients { 10.0.0.0/24; }; }; bind9 can't start.
What I can do to solve problem?
Thanks
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
