On 02/27/2013 11:47 AM, Reindl Harald wrote:

On 27.02.2013 17:42, Robert Moskowitz wrote:
On CentOS 6.3 (bind 9.8.2 with security patches) I did:

yum install bind bind-chroot

In /etc/sysconfig/network-scripts/ifcfg-eth0 set:

DNS1=127.0.0.1
DNS2=::1

ifdown eth0; ifup eth0

Add to /var/named/chroot/etc/named.conf options section:

forward only;
forwarders {
'IPv4 addr of forwarded server';
'IPv6 addr of forwarded server';
'etc.';
};
hopefully to your own TRUSTABLE forwarders and not
to ISP resolvers with all of their mangling and
the problems if you use spamhaus.org and such blacklists
that you get blocked

Yes, you ONLY forward to servers where there is agreement that you MAY use them as forwarders. This is typically your own main DNS servers. Otherwise, it runs 'out-of-the-box' as a caching server using the regular '.' hints to find things.

Another tidbit is you should firewall access to port 53. Your caching server is only for you. It is listening only on localhost, but why open up a port not needed?
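
A quick way to verify the "listening only on localhost" point above, as an added example that is not part of the original thread: it reads `ss -lntu` output and prints any port-53 listener bound to something other than loopback. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report port-53 listeners that are
# bound to anything other than loopback. Reads `ss -lntu` style lines:
#   Netid State Recv-Q Send-Q Local-Address:Port Peer-Address:Port

exposed_dns_listeners() {
    awk '
    $1 == "Netid" { next }                 # skip the header row
    {
        n = split($5, parts, ":")
        port = parts[n]
        if (port != "53") next
        # Everything before the final ":port" is the bind address.
        addr = substr($5, 1, length($5) - length(port) - 1)
        gsub(/^\[|\]$/, "", addr)          # [::1] -> ::1
        sub(/%.*$/, "", addr)              # drop an interface scope (%eth0)
        if (addr ~ /^127\./ || addr == "::1") next
        print $1, addr
    }'
}

# Constructed sample: two loopback listeners (fine), one on a LAN address
# and one wildcard TCP listener (both reachable from the network).
sample_listeners() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.1:53       *:*
udp   UNCONN 0      0      [::1]:53           [::]:*
udp   UNCONN 0      0      192.0.2.10:53      *:*
tcp   LISTEN 0      10     *:53               *:*
tcp   LISTEN 0      128    *:22               *:*
EOF
}

# Live use: ss -lntu | exposed_dns_listeners
```

Anything it prints is a bind address that the port 53 firewall rule has to cover, or that named should stop listening on.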

