I have put the zone files in /var/named/chroot/var/named/ and the
conf and resolve files in /var/named/chroot/etc/, but it still does
not work, and every time I run nslookup -sil domainname I always get
connection time out, server not found. Here is the named.conf
configuration:
options
{
    /* make named use port 53 for the source of all queries, to allow
     * firewalls to block all ports except 53:
     */
    query-source port 53;
    query-source-v6 port 53;
    // Put files that named is allowed to write in the data/ directory:
    directory "/var/named"; // the default
    dump-file "data/cache_dump.db";
    statistics-file "data/named_stats.txt";
    memstatistics-file "data/named_mem_stats.txt";
};
logging
{
    /* If you want to enable debugging, eg. using the 'rndc trace' command,
     * named will try to write the 'named.run' file in the $directory (/var/named).
     * By default, SELinux policy does not allow named to modify the /var/named directory,
     * so put the default debug log file in data/ :
     */
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view "localhost_resolver"
{
    /* This view sets up named to be a localhost resolver ( caching only nameserver ).
     * If all you want is a caching-only nameserver, then you need only define this view:
     */
    match-clients { localhost; };
    match-destinations { localhost; };
    recursion yes;
    # all views must contain the root hints zone:
    include "/etc/named.root.hints";
    /* these are zones that contain definitions for all the localhost
     * names and addresses, as recommended in RFC1912 - these names should
     * ONLY be served to localhost clients:
     */
    include "/etc/named.rfc1912.zones";
    /*
     * Internal zone
     */
    include "/etc/named.internal.zones";
};
view "internal"
{
    /* This view will contain zones you want to serve only to "internal" clients
       that connect via your directly attached LAN interfaces - "localnets" .
     */
    match-clients { localnets; };
    match-destinations { localnets; };
    recursion yes;
    // all views must contain the root hints zone:
    include "/etc/named.root.hints";
    // include "named.rfc1912.zones";
    // you should not serve your rfc1912 names to non-localhost clients.
    // These are your "authoritative" internal zones, and would probably
    // also be included in the "localhost_resolver" view above :
    //zone "my.internal.zone" {
    //    type master;
    //    file "my.internal.zone.db";
    //};
    //zone "my.slave.internal.zone" {
    //    type slave;
    //    file "slaves/my.slave.internal.zone.db";
    //    masters { /* put master nameserver IPs here */ 127.0.0.1; } ;
    //    // put slave zones in the slaves/ directory so named can update them
    //};
    //zone "my.ddns.internal.zone" {
    //    type master;
    //    allow-update { key ddns_key; };
    //    file "slaves/my.ddns.internal.zone.db";
    //    // put dynamically updateable zones in the slaves/ directory so named can update them
    //};
};
key ddns_key
{
    algorithm hmac-md5;
    secret "lcvlBzGB2x7kM6ve8ttW0TtOWoc0RZOeKVTzS911nNN6DknY967TZ7obuiz7";
    //secret "use /usr/sbin/dns-keygen to generate TSIG keys";
};
view "external"
{
    /* This view will contain zones you want to serve only to "external" clients
     * that have addresses that are not on your directly attached LAN interface subnets:
     */
    match-clients { !localnets; !localhost; };
    match-destinations { !localnets; !localhost; };
    recursion no;
    // you'd probably want to deny recursion to external clients, so you don't
    // end up providing free DNS service to all takers
    // all views must contain the root hints zone:
    include "/etc/named.root.hints";
    // These are your "authoritative" external zones, and would probably
    // contain entries for just your web and mail servers:
    //zone "my.external.zone" {
    //    type master;
    //    file "my.external.zone.db";
    //};
};
and here is the named.internal.zones configuration:
zone "sukma.net" IN {
    type master;
    file "db.sukma";
    allow-update { none; };
};
zone "10.168.192.in-addr.arpa" IN {
    type master;
    file "db.192.168";
    allow-update { none; };
};
and here are the db.sukma and db.192.168 configurations:
## db.sukma
$TTL 86400
@       IN      SOA     ns.sukma.net info.sukma.net (
                        070501  ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
        IN      NS      ns.sukma.net.
        IN      A       192.168.10.5
ns      IN      A       192.168.10.5
www     IN      CNAME   ns
##db.192.168
$TTL 86400
@       IN      SOA     ns.sukma.net. info.sukma.net. (
                        070509  ; Serial
                        28800   ; Refresh
                        14400   ; Retry
                        3600000 ; Expire
                        86400 ) ; Minimum
        IN      NS      ns.sukma.net.
5       IN      PTR     ns.sukma.net.
A. Yahya wrote:
On 5/10/07, Gatot Setiawan <[EMAIL PROTECTED]> wrote:
But when I tried without linking to /var/named/chroot/ I always got zone not
found. Could you explain it in detail, Mas?
If you use bind with chroot [bind-chroot], all of its configuration
files and data are stored in /var/named/chroot.
cd /var/named
ls
chroot localdomain.zone named.broadcast named.ip6.local named.zero
data localhost.zone named.ca named.local slaves
cd chroot
ls
dev etc proc var
Yaya
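Added example (not part of the original thread and not BIND's own tooling): a Python checker that maps every include and zone file path referenced from named.conf to its real location under the chroot, as described in the quoted reply, and reports the ones that are not on disk. It assumes relative paths resolve against the directory option, does not handle comment markers inside quoted strings, and runs on a constructed temporary tree that mirrors the layout in the post.

```python
import os
import re
import tempfile

COMMENT = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
INCLUDE = re.compile(r'(?<![-\w])include\s+"([^"]+)"\s*;')
ZONE = re.compile(r'(?<![-\w])zone\s+"([^"]+)"[^{;]*\{((?:[^{}]|\{[^{}]*\})*)\}')
FILE = re.compile(r'(?<![-\w])file\s+"([^"]+)"\s*;')

def host_path(chroot, directory, path):
    """Translate a path as named sees it (inside the chroot) to the host path."""
    if not os.path.isabs(path):               # assumption: relative paths are
        path = os.path.join(directory, path)  # resolved against options { directory }
    return os.path.join(chroot, path.lstrip("/"))

def missing_files(chroot, conf="/etc/named.conf", directory="/var/named"):
    """Follow includes from conf; return sorted (reference, host path) pairs not on disk."""
    missing, queue = set(), [conf]
    for path in queue:                        # queue grows as includes are found
        real = host_path(chroot, directory, path)
        if not os.path.isfile(real):
            missing.add(("config " + path, real))
            continue
        with open(real) as fh:
            text = COMMENT.sub("", fh.read())
        queue.extend(p for p in INCLUDE.findall(text) if p not in queue)
        for zone, body in ZONE.findall(text):
            for zfile in FILE.findall(body):  # dump-file etc. are not zone files
                zreal = host_path(chroot, directory, zfile)
                if not os.path.isfile(zreal):
                    missing.add(("zone " + zone, zreal))
    return sorted(missing)

def demo():
    """Constructed tree mirroring the post; db.192.168 is left out of the chroot."""
    root = tempfile.mkdtemp()
    tree = {
        "etc/named.conf":
            'options { directory "/var/named"; dump-file "data/cache_dump.db"; };\n'
            'view "localhost_resolver" { include "/etc/named.internal.zones"; };\n',
        "etc/named.internal.zones":
            'zone "sukma.net" IN { type master; file "db.sukma"; allow-update { none; }; };\n'
            'zone "10.168.192.in-addr.arpa" IN { type master; file "db.192.168"; };\n',
        "var/named/db.sukma": "$TTL 86400\n",
    }
    for rel, content in tree.items():
        os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
        with open(os.path.join(root, rel), "w") as fh:
            fh.write(content)
    return root, missing_files(root)
```

On a real host the call would be missing_files("/var/named/chroot"); an empty list means every referenced file is where the chrooted named will look for it.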