DNS config problems
    Olivier Gautherot 
    olivier at gautherot.net
       
    Tue Sep 14 12:48:00 PDT 2004
    
    
  
Greetings Joshua!
In short, a magical wand and a cast should get you sorted out...
unless you ask for a more scientific approach on the freebsd-questions
list ;-) Sorry, obligatory disclaimer... :-)
Joshua Lewis wrote:
>I don't think I have set up Bind9 correctly and I was hoping someone could
>point out any mistakes I may have made. I have tried to follow the
>examples in the handbook. I even bought DNS and BIND from O'riley.
>  
>
So you're definitely the wizard on this list... :-)
>I don't really know how to troubleshoot a DNS issue yet. I know of the
>tools I just don't understand them yet. I have a MS DNS server running
>fine as my secondary and when I try to troubleshoot it I can't tell if I
>am getting a response from my MS system or my FBSD system.
>  
>
A command you can try is traceroute, which will show you what
your system does to resolve the name. nslookup should also
give you some valuable inputs.
>Should I post my config info here or is that just a real bad idea? I mean
>anyone can get what they want from the internet I just don't know if
>posting it here is like inviting someone to crack my system.
>  
>
Again, I would advise to do it on a more expert list if you decide
to do so (although it is probably wiser to send it on request).
>Also I currently only have one FreeBSD system. I am trying to run multiple
>services on this one system Mail, DNS, WWW, SQL. It is a pretty beefy
>system and will have no problem handling the load. I just want to hide the
>hostname of the system when I can. I only have the one customer hitting
>the system and it is a real small company. This system is overkill for
>them so I am trying to utilize the system to the best of my ability. I
>know in a perfect world I should have them each running on separate
>systems however that is not feasible right now. I was thinking of getting
>some old P1 systems and moving DNS over to that. Any other recommendations
>are welcome.
>  
>
I have an old 486 motherboard sitting around if you wish... :-)
Seriously, one thing you can do is set up some jails for your
mail and WWW (possibly SQL too). This way, if someone hacks
you web server, the rest of you system should remain safe.
Just make Apache claim it is running on a Windows machine
and, by the time the hackers find out that it was a joke, they
will probably be sitting in a psychiatric hospital after a nervous
breakdown :-)
Cheers
    Olivier
    
    
More information about the freebsd-newbies
mailing list