On 02/27/2013 11:47 AM, Reindl Harald wrote:
On 27.02.2013 17:42, Robert Moskowitz wrote:
On Centos 6.3 (bind 9.8.2 with security patches) I did:
yum install bind bind-chroot
In /etc/sysconfig/network-scripts/ifcfg-eth0 set:
DNS1=127.0.0.1
DNS2=::1
ifdown eth0; ifup eth0
Add to /var/named/chroot/etc/named.conf options section:
forward only;
forwarders {
'IPv4 addr of forwarded server';
'IPv6 addr of forwarded server';
'etc.';
};
hopefully to your own TRUSTABLE forwarders and not
to ISP resolvers with all of their mangling and
the problems if you use spamhaus.org and such blacklists
that you get blocked
Yes, you ONLY forward to servers where there is agreement that you MAY
use them as forwarders. This is typically your own main DNS servers.
Otherwise, it runs 'out-of-the-box' as a caching server using the
regular '.' hints to find things.
Another tidbit is you should firewall access to port 53. Your caching
server is only for you. It is listening only on localhost, but why open
up a port not needed?
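
The three points made in this thread (forward only to agreed servers, use `forward only`, listen only on localhost) can be checked against a named.conf mechanically. The Python sketch below is an added example, not code from either poster; the function name `audit_named_conf`, the sample configuration and its documentation-range addresses are assumptions, and the parser handles only flat address lists without nested ACL braces.

```python
import ipaddress
import re

# Constructed sample options section; addresses are documentation-range
# stand-ins, and 198.51.100.7 plays a forwarder nobody agreed to.
SAMPLE_CONF = """
options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    forward only;
    forwarders { 192.0.2.53; 2001:db8::53; 198.51.100.7; };  // upstreams
};
"""

def _block(conf, keyword):
    """Entries of `keyword [port N] { a; b; };` or None when absent (no nested braces)."""
    m = re.search(r"(?<![\w-])%s\b(?!-)[^{;]*\{([^}]*)\}" % re.escape(keyword), conf)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def _ip(token):
    """Parse an address, or return None for `any`, ACL names and placeholders."""
    try:
        return ipaddress.ip_address(token.split()[0])
    except ValueError:
        return None

def audit_named_conf(conf, agreed_forwarders):
    """Return a list of findings; an empty list means the three checks passed."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)  # drop comments
    agreed = {ipaddress.ip_address(a) for a in agreed_forwarders}
    forwarders = _block(conf, "forwarders") or []
    findings = ["forwarder %s is not on the agreed list" % f
                for f in forwarders if _ip(f) not in agreed]
    mode = re.search(r"(?<![\w-])forward\s+(only|first)\s*;", conf)
    if forwarders and (mode is None or mode.group(1) != "only"):
        findings.append("forwarders without 'forward only': named falls back to recursion")
    for keyword in ("listen-on", "listen-on-v6"):
        for entry in _block(conf, keyword) or []:
            ip = _ip(entry)
            if ip is None or not ip.is_loopback:
                findings.append("%s includes non-loopback entry %s" % (keyword, entry))
    return findings

if __name__ == "__main__":
    for line in audit_named_conf(SAMPLE_CONF, ["192.0.2.53", "2001:db8::53"]):
        print(line)
```

Addresses are compared as parsed objects, so an IPv6 forwarder written in expanded form still matches its compressed entry on the agreed list.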