begin [EMAIL PROTECTED] quotation:
> I don't suppose anybody could give me an example.
Some sample zonefiles follow, near the end of this message. These are
from years ago, and were from BIND 8.x, and therefore don't have $TTL
lines at the top of the zonefiles, but are otherwise clean.
(As with your site, I'm currently using BIND 9.1.x, but am sending you
these older examples because they show matching forward and reverse
entries. Sorry, can't help you with your MS-Win2000 problems.)
> Do I need the nameservers of the networks these boxes are on?
If I understand your question correctly, no.
> So I guess I would have this in my /etc/named.conf:
>
> zone "u3net.com" in {
>     type master;
>     file "u3net.com";
> };
>
> zone "100.248.204.in-addr.arpa" in {
>     type master;
>     file "204.248.100";
> };
Please note that you may want to restrict zone-transfers of these master
domains to specific slave-nameserver IP addresses, for security reasons.
Not that it does _much_ good to prevent the world at large from doing
zone transfers as an easy means of resource discovery, but it's at least
a tiny bit helpful. So, for my own forward lookup (on my BIND v. 9.1.x
setup), I have:

zone "linuxmafia.com" {
    type master;
    file "/etc/bind/linuxmafia.com.zone";
    allow-transfer {
        140.174.70.1;
        140.174.70.58;
        198.186.202.135;
    };
};

> Why not 26.100.248.204.in-addr-arpa?
Because "26" is a host in the reverse zone, not part of the zone's
name.
You probably have a reverse zonefile that's like this (ignoring the SOA
header and other stuff)

$ORIGIN 100.248.204.in-addr.arpa.
26              IN      PTR     www.u3net.com.

You may not have an $ORIGIN line, as it's essentially redundant to the
zone name declared in the named.conf reference. (I have it in each of
my zonefiles, nonetheless, just as documentation.)
Anyhow, note the effect of the above: The "26" in the zonefile is not
terminated with a period, so it gets $ORIGIN appended to it, resulting
in "26.100.248.204.in-addr.arpa." as the fully-qualified reverse name
of this host. (This is intended as a more-complete answer to your
question of why the zone name is not 26.100.248.204.in-addr-arpa.)
Please note that any given IP address may have only one valid reverse
name (at a time), even though you might have any number of
forward-lookup hostnames resolving to that IP.
> Why have a $TTL as 2 or 3 and not something else?
Hmm? I must be missing something, here: TTL values, like the other
time values in SOAs and elsewhere, are in units of seconds. A TTL value
of 2 or 3 seconds would be impossibly brief.
> What are best-performance values for the figures in the SOA?
Well, performance is a tradeoff against the need to force updates and
expirations to prevent stale information from persisting. If we didn't
have to worry about stale information, we'd get maximal performance by
setting all of these time values as high as possible.
You might want to follow the example here:
http://www.acmebw.com/askmrdns/archive.php?category=83&question=595
Those are reasonable values, for most purposes, and he explains TTL
well.
> How do I test the configuration with dig after it's all done?
Being an old fogie and set in my ways, I still tend to use nslookup.
Maybe someone else will assist.
> What about email accounts on the domain name, like
> [EMAIL PROTECTED] for example?
That is really an MTA issue, not a name-service one. Unless I'm missing
something, in your question.
> And, is there a template somewhere I can just copy and alter to add a new
> domain zone? With the hostnames www and ftp too?
You're welcome to use mine. Here they are.
Here is "imat.com.zone":

; hosts file for named for imat.com /usr/local/lib/named/imat.com.zone
$ORIGIN imat.COM.
@               IN      SOA     myrddin.imat.COM. rrc.myrddin.imat.COM. (
                                1997121501      ; serial
                                86400           ; refresh 24 hours
                                600             ; retry 10 minutes
                                604800          ; expire 7 days
                                259200          ; minimum TTL 3 days
                                )
                IN      NS      myrddin.imat.COM.
                IN      NS      lll-winken.llnl.GOV.
                IN      NS      polaris.llnl.GOV.
                IN      NS      mail.coffeenet.net.
@               IN      A       140.174.70.1
                IN      MX      0 myrddin.imat.COM.
myrddin         IN      A       140.174.70.1
                IN      HINFO   AMI-Pentium/100 Linux-v1.2.5
                IN      MX      10 myrddin.imat.COM.
nevyn           IN      A       140.174.70.2
                IN      HINFO   Compaq-486/50L OS/2-3.0
wyrm            IN      A       140.174.70.3
                IN      HINFO   AMI-486/33EISA DOS-5.0
grendel         IN      A       140.174.70.4
                IN      HINFO   Compaq-386/20 SVR4.2
taliesin        IN      A       140.174.70.5
                IN      HINFO   Mylex-P66 Linux-1.2.6
                IN      MX      10 taliesin.imat.COM.
seahunt         IN      A       140.174.70.10
                IN      HINFO   INTEL-P90 Linux-v1.3.28
                IN      MX      10 seahunt.imat.COM.
; commented out for testing, msn 12/15/97   IN MX 20 myrddin.imat.COM.
ymir            IN      A       140.174.70.22
                IN      HINFO   AMI-486/66 OS/2-3.0
                IN      MX      10 ymir.imat.COM.
hugin           IN      A       140.174.70.21
                IN      HINFO   Intel-486/33 Linux-v1.2.5
                IN      MX      10 hugin.imat.COM.
                IN      MX      20 myrddin.imat.COM.
mordred         IN      A       140.174.70.100
localhost       IN      A       127.0.0.1
www             IN      CNAME   myrddin.imat.COM.
ftp             IN      CNAME   myrddin.imat.COM.
mail            IN      CNAME   myrddin.imat.COM.
news            IN      CNAME   myrddin.imat.COM.
www.hugin       IN      CNAME   hugin.imat.COM.
sfpcug          IN      CNAME   atlas.sfpcug.ORG.
s10             IN      CNAME   seahunt.imat.COM.

Here is "70.174.140.imat.com.rev". Note that this is a class-C
subnetting of a class-B IP range.

$ORIGIN 174.140.in-addr.arpa.
70              IN      SOA     myrddin.imat.COM. rrc.myrddin.imat.COM. (
                                1998020301
                                3600
                                1000
                                604800
                                259200 )
                IN      NS      myrddin.imat.COM.
                IN      NS      lll-winken.llnl.GOV.
                IN      NS      polaris.llnl.GOV.
                IN      NS      mail.coffeenet.net.
$ORIGIN 70.174.140.in-addr.arpa.
1               IN      PTR     myrddin.imat.COM.
2               IN      PTR     nevyn.imat.COM.
3               IN      PTR     wyrm.imat.COM.
4               IN      PTR     grendel.imat.COM.
5               IN      PTR     taliesin.imat.COM.
10              IN      PTR     seahunt.imat.COM.
22              IN      PTR     ymir.imat.com.
21              IN      PTR     hugin.imat.COM.
31              IN      PTR     atlas.sfpcug.ORG.
32              IN      PTR     eos.sfpcug.ORG.
51              IN      PTR     mocha.coffeenet.NET.
52              IN      PTR     latte.coffeenet.NET.
53              IN      PTR     espresso.coffeenet.NET.
54              IN      PTR     sumatra.coffeenet.NET.
55              IN      PTR     java.coffeenet.NET.
56              IN      PTR     kenya.coffeenet.NET.
57              IN      PTR     macchiato.coffeenet.NET.
58              IN      PTR     mail.coffeenet.NET.
59              IN      PTR     crema.coffeenet.NET.
60              IN      PTR     americana.coffeenet.NET.
100             IN      PTR     mordred.imat.COM.
101             IN      PTR     www.kops59.com.
102             IN      PTR     www.txlonghorn.com.
103             IN      PTR     www.graphicmode.com.
104             IN      PTR     www.railsplitters.com.
105             IN      PTR     www.sourceservsf.com.

--
Cheers, Linux: Good, fast, AND cheap.
Rick Moen
[EMAIL PROTECTED]
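
Added example, not part of the original message: a small audit of a named.conf for master zones that lack the allow-transfer restriction recommended above. The sample config, its addresses and the function names are constructed for illustration, and the check looks only at zone statements, not at a default set in options { }.

```python
import re

# Constructed sample config (not from the message); 192.0.2.0/24 is a
# documentation range standing in for real slave-nameserver addresses.
SAMPLE_CONF = '''
zone "linuxmafia.com" {
    type master;
    file "/etc/bind/linuxmafia.com.zone";
    allow-transfer { 192.0.2.1; 192.0.2.58; };
};
zone "example.org" in {
    type master;
    file "example.org";
};
zone "2.0.192.in-addr.arpa" {
    type master;
    file "192.0.2";
    allow-transfer { any; };
};
zone "example.net" { type slave; masters { 192.0.2.1; }; file "example.net"; };
'''

def strip_comments(text):
    """Remove /* */, // and # comments (assumes none occur inside quoted strings)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#).*', '', text)

def zone_blocks(text):
    """Yield (zone_name, body) per zone statement, matching nested braces."""
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{]*\{', text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def audit(text):
    """Return {zone: finding} for master zones whose transfers are unrestricted."""
    findings = {}
    for name, body in zone_blocks(strip_comments(text)):
        if not re.search(r'\btype\s+(master|primary)\s*;', body):
            continue  # slave zones are out of scope for this check
        acl = re.search(r'\ballow-transfer\s*\{([^}]*)\}', body)
        if acl is None:
            findings[name] = 'no allow-transfer in zone statement'
        elif re.search(r'(^|[\s;])any\s*;', acl.group(1)):
            findings[name] = 'allow-transfer includes any'
    return findings
```
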
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
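
Added example, not part of the original message: the $ORIGIN rule explained above (a name without a trailing period gets the origin appended), applied by a parser for a small subset of zonefile syntax, followed by a check that every PTR target has a matching A record. The sample zones and all function names are constructed for illustration; SOA records and parenthesised multi-line records are not handled.

```python
# Constructed sample zones (not from the message); 192.0.2.0/24 is a documentation range.
FORWARD = """\
$ORIGIN example.com.
myrddin IN A     192.0.2.1
        IN MX    10 myrddin
hugin   IN A     192.0.2.21
www     IN CNAME myrddin
"""
REVERSE = """\
$ORIGIN 2.0.192.in-addr.arpa.
1   IN PTR myrddin.example.com.
21  IN PTR hugin.example.com     ; missing trailing dot
22  IN PTR ymir.example.com.     ; no matching A record
"""

def qualify(name, origin):
    """Append the origin to any name that is not dot-terminated ("@" is the origin)."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text):
    """Return (owner, type, rdata) tuples for one-line A/PTR/CNAME/NS/MX records."""
    records, origin, owner = [], ".", None
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, split on blanks
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
            continue
        if not raw[0].isspace():                # leading blank reuses the last owner
            owner = qualify(fields.pop(0), origin)
        if fields[0].upper() == "IN":
            fields.pop(0)
        rtype, rdata = fields[0].upper(), fields[1:]
        if rtype in ("PTR", "CNAME", "NS", "MX"):
            rdata[-1] = qualify(rdata[-1], origin)
        records.append((owner, rtype, " ".join(rdata)))
    return records

def ptr_ip(owner):
    return ".".join(reversed(owner.removesuffix(".in-addr.arpa.").split(".")))

def ptr_mismatches(forward, reverse):
    """List (ip, ptr_target) pairs whose target has no A record for that ip."""
    a_records = {(o, r) for o, t, r in forward if t == "A"}
    pairs = [(ptr_ip(o), r) for o, t, r in reverse if t == "PTR"]
    return [(ip, name) for ip, name in pairs if (name, ip) not in a_records]
```

The PTR for .21 is reported because its target, written without the trailing period, expands to a name inside in-addr.arpa rather than to the intended host.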