Re: delegating subname.localdomain to 127.0.0.2 on the client machine?
In article mailman.1259.1272073959.21153.bind-us...@lists.isc.org,
Mark Hedges hed...@scriptdolphin.com wrote:
On Wed, 21 Apr 2010, Barry Margolin wrote:
The scenario is a farm of sendmail + RBL servers that
have independent management and databases, but a single
bind server. Sendmail etc. would do a lookup of
78.56.34.12.rbl.localdomain and it would look at
localhost on 127.0.0.2, where the local RBL service
listens.
You need to run a caching nameserver on the sendmail
machines, and point them to 127.0.0.1 in /etc/resolv.conf.
The stub resolver doesn't follow delegations, it sends
recursive queries and expects the server to do all the
work.
Actually this is not working still. Am I wasting my time?
rbldnsd listens on 127.0.0.2 and answers right when queried
directly for something like
1.139.214.85.countries.rbl.localdomain.
named listens on 127.0.0.1, set in /etc/resolv.conf, and
answers all other queries correctly, including
'horta.localdomain' set up in example below, so I know it is
reading in the zone file.
However, named will not delegate *.rbl.localdomain zones,
and gives NXDOMAIN. Help? Thanks --mark--
You have an out-of-zone A record for rbl.localdomain. That may be
causing an error when loading the zone file.
// named.conf
acl localdomain {
127.0.0.0/8;
};
options {
listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
directory /var/named;
dump-file /var/named/data/cache_dump.db;
statistics-file /var/named/data/named_stats.txt;
memstatistics-file /var/named/data/named_mem_stats.txt;
// Those options should be used carefully because they disable port
// randomization
// query-sourceport 53;
// query-source-v6 port 53;
// our nameservers...
forwarders { 192.168.9.86; 192.168.9.35; };
allow-transfer { localdomain; };
allow-recursion { localdomain; };
allow-query { localdomain; };
allow-query-cache { localdomain; };
};
logging {
channel default_debug {
file data/named.run;
severity debug;
};
};
view localhost_resolver {
match-clients { localdomain; };
match-destinations { localdomain; };
recursion yes;
include /etc/named.rfc1912.zones;
};
// named.rfc1912.zones excerpt:
zone localdomain IN {
type master;
file localdomain.zone;
allow-update { none; };
};
# localdomain.zone
$TTL900
@ IN SOA localhost root (
2010042302 ; serial
5m ; refresh
5m ; retry
30m ; expiry
5m ; minimum cache
)
IN NS localhost.localdomain.
IN NS rbldnsd.localdomain.
localhost IN A127.0.0.1
horta IN A 127.0.0.3
; delegate rbl zones to rbl localhost ip.
; rbl listens on 127.0.0.2 so this does not cause a lookup loop.
rbldnsd IN A127.0.0.2
rbl.localdomain.IN NS rbldnsd.localdomain.
rbl.localdomain.IN A127.0.0.2
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: delegating subname.localdomain to 127.0.0.2 on the client machine?
On Wed, 21 Apr 2010, Barry Margolin wrote:
The scenario is a farm of sendmail + RBL servers that
have independent management and databases, but a single
bind server. Sendmail etc. would do a lookup of
78.56.34.12.rbl.localdomain and it would look at
localhost on 127.0.0.2, where the local RBL service
listens.
You need to run a caching nameserver on the sendmail
machines, and point them to 127.0.0.1 in /etc/resolv.conf.
The stub resolver doesn't follow delegations, it sends
recursive queries and expects the server to do all the
work.
Actually this is not working still. Am I wasting my time?
rbldnsd listens on 127.0.0.2 and answers right when queried
directly for something like
1.139.214.85.countries.rbl.localdomain.
named listens on 127.0.0.1, set in /etc/resolv.conf, and
answers all other queries correctly, including
'horta.localdomain' set up in example below, so I know it is
reading in the zone file.
However, named will not delegate *.rbl.localdomain zones,
and gives NXDOMAIN. Help? Thanks --mark--
// named.conf
acl localdomain {
127.0.0.0/8;
};
options {
listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
directory /var/named;
dump-file /var/named/data/cache_dump.db;
statistics-file /var/named/data/named_stats.txt;
memstatistics-file /var/named/data/named_mem_stats.txt;
// Those options should be used carefully because they disable port
// randomization
// query-sourceport 53;
// query-source-v6 port 53;
// our nameservers...
forwarders { 192.168.9.86; 192.168.9.35; };
allow-transfer { localdomain; };
allow-recursion { localdomain; };
allow-query { localdomain; };
allow-query-cache { localdomain; };
};
logging {
channel default_debug {
file data/named.run;
severity debug;
};
};
view localhost_resolver {
match-clients { localdomain; };
match-destinations { localdomain; };
recursion yes;
include /etc/named.rfc1912.zones;
};
// named.rfc1912.zones excerpt:
zone localdomain IN {
type master;
file localdomain.zone;
allow-update { none; };
};
# localdomain.zone
$TTL900
@ IN SOA localhost root (
2010042302 ; serial
5m ; refresh
5m ; retry
30m ; expiry
5m ; minimum cache
)
IN NS localhost.localdomain.
IN NS rbldnsd.localdomain.
localhost IN A127.0.0.1
horta IN A 127.0.0.3
; delegate rbl zones to rbl localhost ip.
; rbl listens on 127.0.0.2 so this does not cause a lookup loop.
rbldnsd IN A127.0.0.2
rbl.localdomain.IN NS rbldnsd.localdomain.
rbl.localdomain.IN A127.0.0.2
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
delegating subname.localdomain to 127.0.0.2 on the client machine?
Hi...
Is it possible to configure .localdomain to delegate a
subdomain to 127.0.0.2, so that the client then tries to do
a lookup from that localhost address on itself?
The scenario is a farm of sendmail + RBL servers that have
independent management and databases, but a single bind
server. Sendmail etc. would do a lookup of
78.56.34.12.rbl.localdomain and it would look at localhost
on 127.0.0.2, where the local RBL service listens.
Is that possible?
For lookups that work when queried directly from the client
local RBL on 127.0.0.2,
this causes the response no answer:
view local_domains {
match-clients { localhost; internal; };
match-destinations { localhost; internal; };
recursion no;
include /etc/named.rfc1912.zones;
};
and recursion yes causes the response NXDOMAIN.
Those were better outcomes, it seemed, than response timed
out when rfc1912.zones was lumped into views of the
internal network and vpn domains, which have recursion for
looking up external names.
Mark
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: delegating subname.localdomain to 127.0.0.2 on the client machine?
In article mailman.1224.1271891255.21153.bind-us...@lists.isc.org,
Mark Hedges hed...@scriptdolphin.com wrote:
Hi...
Is it possible to configure .localdomain to delegate a
subdomain to 127.0.0.2, so that the client then tries to do
a lookup from that localhost address on itself?
The scenario is a farm of sendmail + RBL servers that have
independent management and databases, but a single bind
server. Sendmail etc. would do a lookup of
78.56.34.12.rbl.localdomain and it would look at localhost
on 127.0.0.2, where the local RBL service listens.
You need to run a caching nameserver on the sendmail machines, and point
them to 127.0.0.1 in /etc/resolv.conf. The stub resolver doesn't follow
delegations, it sends recursive queries and expects the server to do all
the work.
Is that possible?
For lookups that work when queried directly from the client
local RBL on 127.0.0.2,
this causes the response no answer:
view local_domains {
match-clients { localhost; internal; };
match-destinations { localhost; internal; };
recursion no;
include /etc/named.rfc1912.zones;
};
and recursion yes causes the response NXDOMAIN.
Those were better outcomes, it seemed, than response timed
out when rfc1912.zones was lumped into views of the
internal network and vpn domains, which have recursion for
looking up external names.
Mark
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: delegating subname.localdomain to 127.0.0.2 on the client machine?
On Wed, 21 Apr 2010, Barry Margolin wrote: The scenario is a farm of sendmail + RBL servers that have independent management and databases, but a single bind server. Sendmail etc. would do a lookup of 78.56.34.12.rbl.localdomain and it would look at localhost on 127.0.0.2, where the local RBL service listens. You need to run a caching nameserver on the sendmail machines, and point them to 127.0.0.1 in /etc/resolv.conf. The stub resolver doesn't follow delegations, it sends recursive queries and expects the server to do all the work. Thanks that works awesomely! --mark-- ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
