Slave DNS

2012-07-21 Thread With No Name
Hello *,

I have only one fixed IP from my ISP and run my own (Master) name server.

A friend of mine in another network segment does the slave.

I do the same for him.

Now I am puzzling around whether it is possible to set up the slave DNS
to accept any domains (including newly created) from a master...

I find it really annoying if I have to ask the owner of the slave every time
to add a new zone.

Any Hints?

Thanks
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


Re: Slave DNS

2012-07-21 Thread With No Name
On Sat, July 21, 2012 20:03, Jan-Piet Mens wrote:
>> I find it really annoying if I have to ask the owner of the slave every
>> time to add a new zone.
>
> Assuming your version of BIND is new enough, look at `rndc addzone' with
> which you can add and remove zones at run-time w/out having to edit
> `named.conf'.

Which means my DNS partner needs his own rndc key which lets him add/remove
zones as slave?

How can I do this?

I mean, I have to give him some permissions...

Greetings
Kal


[SOLVED] Re: Slave DNS

2012-07-21 Thread With No Name
I have gotten a suggestion which should work very well:

1)  NS has Apache SSL running
2)  Create a script which adds/removes zones to/from a slave zones list
3)  Run a cronjob which updates the named_slave_zones.conf and reloads named

This gives me the possibility to create more than one slave zones list
for several friends and partners without being bothered a single time
with updates...

Thanks in Advance
Kal
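
One way to implement steps 2 and 3 above, as an added example that is not part of the original post: a cron-side generator that turns a fetched zone list into named_slave_zones.conf and refuses any entry that is not a plain domain name. The list format (one zone per line), the `slaves/` file path and the master address passed in are assumptions.

```python
import ipaddress
import os
import re
import tempfile

# One DNS label: letters, digits, hyphens, no leading or trailing hyphen.
LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
ZONE_RE = re.compile(rf"{LABEL}(?:\.{LABEL})+")

# Constructed sample list; the last entry tries to smuggle in a statement.
SAMPLE = 'example.org\nExample.NET.\nx.org"; }; zone "y.org" { type master\n'


def parse_zone_list(text):
    """Split a one-zone-per-line list into (accepted, rejected)."""
    accepted, rejected = set(), []
    for raw in text.splitlines():
        name = raw.split("#", 1)[0].strip().lower().rstrip(".")
        if not name:
            continue
        # fullmatch: a quote, brace, semicolon or space in an entry would
        # otherwise end up as configuration text read by named.
        if len(name) <= 253 and ZONE_RE.fullmatch(name):
            accepted.add(name)
        else:
            rejected.append(raw)
    return sorted(accepted), rejected


def render_slave_zones(zones, master_ip):
    """Render one slave zone statement per validated name."""
    master = ipaddress.ip_address(master_ip)  # ValueError if not an IP
    return "\n".join(
        f'zone "{z}" {{\n    type slave;\n    masters {{ {master}; }};\n'
        f'    file "slaves/{z}.db";\n}};\n'
        for z in zones
    )


def write_atomically(path, text):
    """Swap the file in one rename so named never reads a partial file."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as handle:
        handle.write(text)
    os.chmod(tmp, 0o644)  # mkstemp creates 0600; named must be able to read it
    os.replace(tmp, path)
```

After the file is written, the cron job would run `named-checkconf` and reload named only if that check passes.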


Re: allow-query for a zone

2012-01-16 Thread With No Name
I would use

allow-query { 127.0.0.1; };



Problems with NS @home and my public

2012-01-03 Thread With No Name
Hello,

I am learning network administration and would like to configure my network to do:

  workstation - ns.intra.mydomain.com - ns.mydomain.com

Currently I have the following configs:

workstation:

--( /etc/resolv.conf )--
search intra.mydomain.com
nameserver 192.168.0.2


ns.intra.mydomain.com

--( /etc/resolv.conf )--
search mydomain.com
nameserver IP.OF.MY.PUBLIC.NS
-

--( /etc/named.conf.options )---
options {
    directory "/var/cache/bind";

    check-names master fail;
    check-names slave warn;
    check-names response ignore;

    auth-nxdomain no;

    listen-on-v6 { any; };
    listen-on { 192.168.0.2; };

    forwarders {
        IP.OF.MY.PUBLIC.NS;
    };

    dnssec-enable yes;
};

logging {
    channel default_syslog {
        syslog local2;
        severity info;
        print-category yes;
        print-severity yes;
        print-time no;
    };
    category default {

    };
    category edns-disabled {
        null;
    };
};

include "/etc/bind/rndc.key";

controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { rndc-key; };
};

include "/etc/bind/tsig.key";


ns.mydomain.com:

--( /etc/resolv.conf )--


--( /etc/named.conf.options )---
options {
    directory "/var/cache/bind";

    check-names master fail;
    check-names slave warn;
    check-names response ignore;

    auth-nxdomain no;

    listen-on-v6 { any; };
    listen-on { IP.OF.MY.PUBLIC.NS; };

    dnssec-enable yes;

    recursion yes;
    allow-recursion { any; };
    allow-query { any; };
    allow-query-cache { any; };
};

logging {
    channel default_syslog {
        syslog local2;
        severity info;
        print-category yes;
        print-severity yes;
        print-time no;
    };
    category default {
        default_syslog;
    };
};

include "/etc/bind/rndc.key";

controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { rndc-key; };
};

include "/etc/bind/tsig.key";


I have gotten the above config from the internet but it seems not to
work, because I have the same error messages like

lame-servers: info: error (unexpected RCODE REFUSED) resolving...

security: info: client MY.FIXED.HOME.IP#5525: query (cache) 'some_domain'
denied

lame-servers: info: error (network unreachable) resolving 'b.au//IN':
2607:f140::fffe::3#53

lame-servers: info: lame server resolving 'www.some_domain' (in
'some_domain'?): first.NS.IP#53
lame-servers: info: lame server resolving 'www.some_domain' (in
'some_domain'?): second.NS.IP#53

in my logs as another person on the list.

So, in the last days I was searching the internet like hell for how to solve
this problem but have found nothing yet.

Can someone help me please?

Where can I find a HOWTO which tells me how to set up my name server
correctly, including DNSEC3?

Thanks

Note: I need to learn this perfectly, because I come from a country where
  people are kidnapped and killed by the government and I need a
  bulletproof setup which I can put online one day without risking
  being hacked by my government
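
The ns.mydomain.com options posted above combine `recursion yes` with `allow-recursion { any; }` and `allow-query-cache { any; }` on a public address, which makes that server an open resolver. The following is an added example, not part of the original post, that flags this combination in named.conf text; the addresses in the two sample configs are constructed documentation addresses.

```python
import re

RECURSIVE_ACLS = ("allow-recursion", "allow-query-cache")

# Constructed samples: the posted public options, and a restricted variant.
PUBLIC_NS = """
options {
    listen-on { 203.0.113.53; };
    recursion yes;
    allow-recursion { any; };
    allow-query { any; };
    allow-query-cache { any; };
};
"""
RESTRICTED = """
options {
    listen-on { 203.0.113.53; };
    recursion yes;
    allow-recursion { 127.0.0.1; 198.51.100.7; };    // own clients only
    allow-query { any; };                            // authoritative zones
    allow-query-cache { 127.0.0.1; 198.51.100.7; };
};
"""


def strip_comments(conf):
    """Remove /* */, // and # comments (no handling of quoted strings)."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#).*", "", conf)


def open_resolver_findings(conf):
    """Return the ACL options that let any client use recursion."""
    match = re.search(r"\boptions\s*\{(.*)", strip_comments(conf), flags=re.S)
    if not match:
        return []
    body = match.group(1)
    recursion = re.search(r"(?<![\w-])recursion\s+(\w+)\s*;", body)
    if recursion and recursion.group(1).lower() in ("no", "false", "0"):
        return []  # recursion is off, so the ACLs below are moot
    findings = []
    for name in RECURSIVE_ACLS:
        acl = re.search(rf"(?<![\w-]){name}\s*\{{([^}}]*)\}}", body)
        entries = acl.group(1).split(";") if acl else []
        if {"any", "0.0.0.0/0"} & {e.strip() for e in entries}:
            findings.append(name)
    return findings
```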



Two outgoing queries for each incoming query

2009-03-12 Thread My Name
Is this possible with 9.6.0-P1 or do I need to change the code (all ideas
where to start are welcome, I haven't looked at the code yet).

I want to set up a forwarder and each incoming query (in fact only A or )
should be sent to two different upstream servers.

Joe