[TriLUG] forward zones
Magnus Hedemark
chrish at trilug.org
Tue Aug 5 21:35:34 EDT 2003
On Tuesday 05 August 2003 15:40, Scott Lundgren wrote:
> My thinking was that I would then do the same but backwards to create the
> forward zone. However I found that if I tried to add records to the only
> forward zone, localhost (athos's localhost is acting as the nameserver),
> the only records I could were to <blank>.localhost (which I thought would
> have been subdomains to localhost). Instead I added 3 new Forward Master
> Zone records, one for each box. Everything works, each box can ping & nmap
> each other box by IP & hostname since all 3 use athos for a gateway &
> nameserver. So are forward zones created per machine rather than per network
> segment like reverse zones? Or is something seemingly working but
> probably isn't?
You ought to be creating a different forward zone for your network, preferably
with a unique domain name. I usually like to use the .priv top level domain
if the network is not going to have routes into it from the Internet (as is
the case with most home networks). For example, I use "yonderway.priv" as my
forward zone name.

In /etc/named.conf there is an entry like:

zone "yonderway.priv" IN {
        type master;
        file "yonderway.priv.zone";
        allow-update { none; };
};

Then there is a file /var/named/yonderway.priv.zone which looks like:

; yonderway.priv domain database
@       IN      SOA     bluegill.yonderway.priv. chris.yonderway.com. (
                        22              ; Serial
                        3600            ; Refresh
                        900             ; Retry
                        3600000         ; Expire
                        3600 )          ; Minimum
        IN      NS      bluegill.yonderway.priv.
; Addresses
localhost.yonderway.priv.       IN      A       127.0.0.1
diodon.yonderway.priv.          IN      A       192.168.55.1
bluegill.yonderway.priv.        IN      A       192.168.55.2
tuna.yonderway.priv.            IN      A       192.168.55.3
books.yonderway.priv.           IN      CNAME   bluegill.yonderway.priv.
ldp.yonderway.priv.             IN      CNAME   bluegill.yonderway.priv.
netbsd.yonderway.priv.          IN      CNAME   bluegill.yonderway.priv.
openbsd.yonderway.priv.         IN      CNAME   bluegill.yonderway.priv.

Far less robust a configuration than I might use for a client but it serves my
purposes fine. I used to have a secondary name server but I'm living as a
guest temporarily in someone else's home so had to bring only a short stack
of machines with me. (also this file is abbreviated from what it really looks
like, just enough to give you a taste of what the zone files look like).
All those CNAME records are for VirtualHost entries in the Apache config on
bluegill. I mirror some valuable documentation sites on the home server due
to problems with the broadband connection not being reliable.
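
An added example, not part of the original post: a small Python check over records copied from the zone file above. It derives the PTR lines that the single per-segment reverse zone should hold and flags CNAMEs whose target has no A record in the zone. The function names and the 192.168.55.0/24 network are assumptions made for this illustration.

```python
import ipaddress

# Records copied from the zone file in the post, written fully qualified.
ZONE = """\
localhost.yonderway.priv. IN A 127.0.0.1
diodon.yonderway.priv. IN A 192.168.55.1
bluegill.yonderway.priv. IN A 192.168.55.2
tuna.yonderway.priv. IN A 192.168.55.3
books.yonderway.priv. IN CNAME bluegill.yonderway.priv.
ldp.yonderway.priv. IN CNAME bluegill.yonderway.priv.
"""

def parse(text):
    """Split 'owner IN type value' lines into A and CNAME maps."""
    a, cname = {}, {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file comments
        if not line:
            continue
        owner, _cls, rtype, value = line.split()
        if rtype == "A":
            a[owner.lower()] = value
        elif rtype == "CNAME":
            cname[owner.lower()] = value.lower()
    return a, cname

def dangling_cnames(a, cname):
    """CNAME owners whose target has no A record in this zone."""
    return sorted(o for o, target in cname.items() if target not in a)

def ptr_records(a, network):
    """PTR lines for every A record that falls inside `network`."""
    net = ipaddress.ip_network(network)
    hosts = sorted((ipaddress.ip_address(ip), owner) for owner, ip in a.items())
    return [f"{ip.reverse_pointer}. IN PTR {owner}"
            for ip, owner in hosts if ip in net]

if __name__ == "__main__":
    a, cname = parse(ZONE)
    print("\n".join(ptr_records(a, "192.168.55.0/24")))
    print("dangling CNAMEs:", dangling_cnames(a, cname))
```

The loopback record is skipped because 127.0.0.1 is outside the chosen network; it belongs in the separate 127.in-addr.arpa reverse zone.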