[prev in list] [next in list] [prev in thread] [next in thread]
List: bind-users
Subject: RE: DNS's example of configuration with view and zones
From: "Darcy Kevin (FCA)" <kevin.darcy () fcagroup ! com>
Date: 2015-08-20 15:54:41
Message-ID: 3b86a7a2634b4106874e70eaedfa6dea () mxph4chrw ! fgremc ! it
[Download RAW message or body]
Please be clear: is your confusion/concern over the *reverse*zones* that are \
associated with the subnets of these 3 network interfaces?
Because, if you're only dealing with *forward* zones, then the fact that you have 3 \
interfaces, on 3 different subnets, really doesn't matter (since named will, by \
default, listen on all interfaces, and for outbound queries, it's left to the \
Operating System to decide, based on its routing configuration, what interface to use \
to send any given packet). From a forward-zone perspective, whether you have 3 \
interfaces, or 30, you should be able to use the same named.conf (although one may \
wish to tune the interface-interval, depending on how dynamically those interfaces \
are being added/deleted).
If it's *reverse*zones* that you're struggling with, please understand that the \
reverse zones hosted by a given nameserver may not have anything to do with the \
interfaces that are configured on the box. There is no requirement that a given \
nameserver host *any* reverse DNS for any subnet on which it is resident, or, for \
that matter, any reverse DNS at all. It is a best practice for *someone* to host the \
reverse DNS for any given subnet, but it could be a completely different nameserver, \
perhaps run by a completely different organization, and may not be *in* the subnet \
for which it is hosting reverse DNS. If we're talking "private" (RFC 1918 and/or RFC \
4193) addresses, then you can't expect anyone on the Internet to host that for you -- \
you'd need to make your own arrangements to have those parts of the reverse-DNS \
namespace(s) resolvable on your private network.
If you just need an example of how to define IPv4 reverse zones, then:
zone "2.0.192.in-addr.arpa" {
type master;
file "2.0.192.in-addr.arpa";
};
zone "100.51.198.in-addr.arpa" {
type master;
file "100.51.198.in-addr.arpa";
};
zone "113.0.203.in-addr.arpa" {
type master;
file "113.0.203.in-addr.arpa";
};
For each zone, define the SOA, at least 2 NSes, and populate your reverse entries as \
PTR records.
- Kevin
-----Original Message-----
From: bind-users-bounces@lists.isc.org [mailto:bind-users-bounces@lists.isc.org] On \
Behalf Of Int
Sent: Thursday, August 20, 2015 12:45 AM
To: Reindl Harald
Cc: bind-users@lists.isc.org
Subject: DNS's example of configuration with view and zones
Importance: High
You would be able to send me some DNS's example of configuration with view and zones, \
for 3 interfaces of net, for favor as I can create the inverse zones for 3 different \
sub-nets
I do not have access to internet in Cuba
Greetings
William
----- Mensaje original -----
De: "Reindl Harald" <h.reindl@thelounge.net>
Para: bind-users@lists.isc.org
Enviados: MiƩrcoles, 19 de Agosto 2015 18:59:27
Asunto: Re: Can I run two name servers on one host with two IP addresses?
Am 20.08.2015 um 00:53 schrieb Tom Browder:
> I have a single server with access to several IP addresses from my
> dedicated host provider. They do not provide DNS service so I
> currently use my domain registrar.
>
> I would like to run my own DNS server but I only have the one server
> (with 5 IP addresses). Is it possible (and permitted) to run DNS with
> just one real server?
they have to be on different IP networks and the reason si simply to avoid a \
single-point of failure
so even if you have different IP ranges on your single machine don't do it - unless \
they come from different internet connections and your machine itself is a HA cluster
DNS going down has a lot of side-effects for a domain
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from \
this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from \
this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from \
this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic