On Thursday 24 January 2002 15:28 pm, Sagar Srivastava wrote:
> 1) I get following entries in my /var/log/messages related to my named
> server and none in /var/log/named.log
> Jan 24 14:43:07 seawolf named[10844]: lame server on 'www.chequemail.com'
> (in 'chequemail.com'?): 203.199.107.155#53
> a)What does lame server mean? What do these lines indicate?
You can ignore that. It usually means that one of the nameservers of
chequemail.com is not authoritative for that zone (usually configuration
problem).
If you are really irritated, add to your named.conf file:
logging {
category lame-servers { null; };
};
> 2)Secondly, to tell you I am running Primary DNS servers on my Linux
> Server for several .com Domains. Obviously my ISPs (networksolutions.com
> etc) are handling the secondry DNS for those respective domains. My
> question is: a) I want to restrict zone transfers to only my ISPs DNS
> servers and not to the whole world, how would I find my ISPs servers
> addresses (to allow them in my named.conf file) when zone transfers are not
> logged at all in my logfiles ( I told you I am having only above lines in
> my log related to named and nothing else. Do I need to change the facility
> level in syslog? b) what port in my firewall should I open for domain
> transfers also to take place apart from DNS queries?
a) if x.y.z.t is your secondary name server, then
allow-transfer {
x.y.z.t;
};
You can find out the correct secondary name server by
host -t ns yourdomain.com
b) To log zone transfers as well,
logging {
category xfer-out { default_syslog; };
};
b) Everything related to DNS happens on port 53; open up 53 for both
tcp and udp. You should be ok then.
More and more businesses are coming to LIH for free consultancy - interesting
trend ;-) My fees are somewhat less than Raju Mathur's - I ask for only a
third of your kingdom. ;-)
Binand
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
