problem with DNS resolving

Toni Schmidbauer toni at stderror.at
Tue Apr 1 10:53:23 PST 2003


On Tue, Apr 01, 2003 at 08:14:19PM +0200, Marcel Stangenberger wrote:
> my fault, forgot to copy those rules to the list :

no problem. 

what happens if you execute 'dig @127.0.0.1 hayholt.org axfr'?

if i understand your config correctly 195.18.92.98 is an ip
address configured on one of your nics. IMHO your second
nameserver entry in /etc/hosts makes no sense. the second entry
is for backup purposes if the first one is not reachable. so in
your case it's the same bind8 instance... the entry should be the
ip-addr of your second ns.

just as a note: for security reasons i would add the following to
your bind config:

acl trusted { 127.0.0.1; 195.18.92.98; 195.18.103.140; };

and in the options stanza:

allow-transfer { trusted; };

currently you are allowing zone transfers without any
restrictions, so anyone can find out all entries in the hayholt.org
zone with 'dig @195.18.92.98 hayholt.org axfr'

if everything fails, could you post your named.conf?

toni
-- 
Treat people as if they were what they ought to be, | toni at stderror.at
and you will help them become what they are capable | Toni Schmidbauer
of being.  - Johann Wolfgang von Goethe             |
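
An added example, not part of the original post and not code from BIND: a small Python audit that reports which zones in a named.conf end up with unrestricted zone transfers, before and after the acl / allow-transfer lines suggested above. Both sample configs are constructed (the poster's named.conf is not on the page), and treating a missing allow-transfer as "any" is an assumption that follows what the post describes.

```python
import re

# Constructed samples: the setup as described in the post, then with the suggested lines.
WEAK = '''
options { directory "/etc/namedb"; };
zone "hayholt.org" { type master; file "hayholt.org.db"; };
'''
HARDENED = '''
acl trusted { 127.0.0.1; 195.18.92.98; 195.18.103.140; };
options { directory "/etc/namedb"; allow-transfer { trusted; }; };
zone "hayholt.org" { type master; file "hayholt.org.db"; };
'''

def top_level(conf):
    """Split config text into top-level statements, honouring nested braces."""
    conf = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', conf, flags=re.S)
    depth, start, out = 0, 0, []
    for i, ch in enumerate(conf):
        depth += (ch == '{') - (ch == '}')
        if ch == ';' and depth == 0:
            out.append(conf[start:i].strip())
            start = i + 1
    return [s for s in out if s]

def transfer_list(body):
    """Return the allow-transfer elements in a block, or None if the option is absent."""
    m = re.search(r'allow-transfer\s*\{([^{}]*)\}', body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Map each zone name to its effective transfer list, with ACL names expanded."""
    acls, default, zones = {}, None, {}
    for stmt in top_level(conf):
        if m := re.match(r'acl\s+"?([\w-]+)"?\s*\{([^{}]*)\}', stmt):
            acls[m.group(1)] = [e.strip() for e in m.group(2).split(';') if e.strip()]
        elif stmt.startswith('options'):
            default = transfer_list(stmt)
        elif m := re.match(r'zone\s+"([^"]+)"', stmt):
            zones[m.group(1)] = transfer_list(stmt)
    result = {}
    for name, own in zones.items():
        eff = own if own is not None else default   # zone-level setting overrides options
        if eff is None:
            eff = ['any']   # assumption: no allow-transfer anywhere means unrestricted
        result[name] = [a for e in eff for a in acls.get(e, [e])]
    return result

def unrestricted(conf):
    """Zones that any host may transfer under the effective settings."""
    return sorted(z for z, who in audit(conf).items() if 'any' in who)
```

The parser is deliberately minimal: it does not handle view blocks, include files, or nested ACL references.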