re: can't find bind

1998-07-15 Thread LeRoy D. Cressy
Michael Harnois wrote:

> I have bind set up as a caching-only nameserver on the machine that
> serves as my internet gateway, and it works just peachy. However, my
> workstation can't see it: i.e. when I run nslookup, I get
>
> *** Can't find server name for address 192.168.0.3: Non-existent
> host/domain
>
> and it rolls over to the second listing in resolv.conf, my ISP's
> nameserver. Since everything else on my localnet works fine, what's
> wrong here?

nslookup depends on the creation of ``A'' records in files kept
in the /var/named/ directory.  The Debian install and setup does not
create these for you.  You have to do a little work on your own
and create a full-fledged name server for your network.

First run bindconfig to set up the various files that you need
under Debian.  When it comes to the point of asking whether you want
a caching-only server, answer no.  Bindconfig will prompt you for the
forwarders and such.  These are the actual nameserver addresses of
your ISP nameserver 1 and 2.

After you have that done, hand edit the /var/named/boot.options
file to reflect your local nameserver.

example:

;
; Options for name server
; Use `bindconfig' to automatically configure this file
;

forwarders  198.69.186.1  198.69.186.2

; type  domain  source  file
primary localhost               named.local
primary 127.in-addr.arpa        named.rev-local

;; Custom configurations below (will be preserved)
primary jesus-is.org            named.hosts
primary 1.168.192.in-addr.arpa  named.rev-hosts

Next, edit the /var/named.hosts file to reflect your system host names.

example:

;
; /var/named/named.hosts
;
; BIND our hosts
;
@   IN  SOA patches-place.jesus-is.org. leroy.patches-place.jesus-is.org. (
                1       ; Serial
                86400   ; Refresh 24 hours
                900     ; Retry 15 minutes
                2592000 ; Expire 30 days
                1209600 )   ; Default TTL 14 days
;
                IN  NS  patches-place.jesus-is.org.
                IN  MX  5 patches-place.jesus-is.org.
;
; patches-place:
;
patches-place   IN  A       192.168.1.1
                IN  HINFO   PC-586  Linux
ns              IN  A       192.168.1.1
nameserver      IN  CNAME   patches-place.jesus-is.org.
;
; other hosts
;
peepers         IN  A       192.168.1.2
                IN  HINFO   PC-386SX  Linux

monet           IN  A       192.168.1.3
                IN  HINFO   PC-Pentium  Linux


Next edit /var/named/named.rev-hosts

example:

;
; /var/named/named.rev-hosts
;
;named.rev-hosts
;
@   IN  SOA patches-place.jesus-is.org. lcressy.patches-place.jesus-is.org. (
                1       ; Serial
                86400   ; Refresh 24 hours
                900     ; Retry 15 minutes
                2592000 ; Expire 30 days
                1209600 )   ; Default TTL 14 days
;
                IN  NS  patches-place.jesus-is.org.
;
; reverse map your IP addresses
;
0   IN  PTR  jesus-is.org.
1   IN  PTR  patches-place.jesus-is.org.
2   IN  PTR  peepers.jesus-is.org.
3   IN  PTR  monet.jesus-is.org.

Next edit your /etc/resolv.conf to point to your name server

example:

nameserver 127.0.0.1
search jesus-is.org
nameserver  192.168.1.1

Finally, edit your /etc/host.conf

example:

order hosts,bind
multi on
nospoof on
alert on
trim jesus-is.org



Well anyway, I hope that this helps your church.  PTL 
BTW, I usually don't read the user list, so if you have
any questions, mail me directly.

Thanks
-- 
  0 0  L & R Associates
   "   Home Page:http://www.netaxs.com/~ldc/
___ooO ~ Ooo___

LeRoy D. Cressy  /\_/\  [EMAIL PROTECTED]
Computer Consulting ( o.o ) Phone (215) 535-4037
 > ^ <  Fax   (215) 535-4285


--  
Unsubscribe?  mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
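
Added example, not part of either post: an offline check that every PTR record in a reverse zone points at a name whose A record maps back to the same address, the consistency that `nospoof on` in /etc/host.conf tests at lookup time. The zone text is constructed sample data modelled on the thread's names, with the last PTR line deliberately missing its trailing dot; `qualify`, `parse_zone` and `unconfirmed_ptrs` are hypothetical helper names, and the parser assumes no $ORIGIN directives or TTL fields.

```python
def qualify(name, origin):
    """Expand '@' and relative names the way BIND does: append the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples; assumes no $ORIGIN lines or TTL fields."""
    records, owner, in_paren = [], origin, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if in_paren or not line.strip():
            in_paren = in_paren and ")" not in line   # skip SOA continuation lines
            continue
        fields = line.split()
        if not raw[0].isspace():                      # owner name starts in column 0
            owner = qualify(fields.pop(0), origin)    # otherwise reuse the previous owner
        if fields[:1] == ["IN"]:
            fields.pop(0)
        if fields:
            records.append((owner, fields[0], fields[1:]))
            in_paren = "(" in line and ")" not in line
    return records

def unconfirmed_ptrs(fwd, fwd_origin, rev, rev_origin):
    """PTR records whose target has no A record pointing back at the same address."""
    a = {(o.lower(), d[0]) for o, t, d in parse_zone(fwd, fwd_origin) if t == "A"}
    bad = []
    for owner, rtype, rdata in parse_zone(rev, rev_origin):
        if rtype == "PTR":
            ip = ".".join(reversed(owner[:-len(".in-addr.arpa.")].split(".")))
            target = qualify(rdata[0], rev_origin).lower()
            if (target, ip) not in a:
                bad.append((ip, target))
    return bad

# Constructed sample zones modelled on the thread; PTR for .3 lacks its trailing dot.
HOSTS = """patches-place IN A 192.168.1.1
peepers       IN A 192.168.1.2
monet         IN A 192.168.1.3"""
REV = """@ IN SOA patches-place.jesus-is.org. lcressy.patches-place.jesus-is.org. (
        1 86400 900 2592000 1209600 )
    IN NS  patches-place.jesus-is.org.
1   IN PTR patches-place.jesus-is.org.
2   IN PTR peepers.jesus-is.org.
3   IN PTR monet.jesus-is.org"""

if __name__ == "__main__":
    for ip, target in unconfirmed_ptrs(HOSTS, "jesus-is.org.", REV, "1.168.192.in-addr.arpa."):
        print(f"{ip}: PTR expands to {target}, no matching A record")
```

Run against the real files by reading /var/named/named.hosts and /var/named/named.rev-hosts into the two text arguments before reloading named.
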


Re: can't find bind

1998-07-14 Thread Nathan E Norman
On 14 Jul 1998, Michael Harnois wrote:

: I have bind set up as a caching-only nameserver on the machine that
: serves as my internet gateway, and it works just peachy. However, my
: workstation can't see it: i.e. when I run nslookup, I get 
: 
: *** Can't find server name for address 192.168.0.3: Non-existent
: host/domain
: 
: and it rolls over to the second listing in resolv.conf, my ISP's
: nameserver. Since everything else on my localnet works fine, what's
: wrong here?

One (or more) of the daemons is trying to do a reverse lookup.  TCP
wrappers like to do this, for example.  However, no-one reverse serves
0.168.192.in-addr.arpa, because it's an RFC1918 network.

You can

1) reverse serve the domain yourself, in which case you should NOT
answer DNS queries from outside your network, or

2) Play with /etc/hosts.{allow,deny} and either disable TCP wrappers or
explicitly allow connections from 192.168.0.0/24, or

3) Find out which daemons (or services) are doing reverse lookups and
make them not do that.  Number 2 will probably accomplish this.

--
Nathan Norman
MidcoNet - 410 South Phillips Avenue - Sioux Falls, SD  57104
mailto://[EMAIL PROTECTED]   http://www.midco.net
finger [EMAIL PROTECTED] for PGP Key: (0xA33B86E9)


