Configuring DNS (BIND) in isolation

Matthew Seaman m.seaman at infracaninophile.co.uk
Fri Dec 1 14:29:26 PST 2006


Andrew Falanga wrote:

> I have a need to make my own DNS system on an isolated network.  Years ago,
> I administered DNS for a couple of different companies, but that was quite a
> while ago and since I've turned to programming I haven't done much in the
> way of network administration.  I recall from using BIND 4, when I was
> reading up on it, that it is most certainly possible to configure an entire
> DNS system on a totally isolated network.
> 
> Would I need zone files for the root, ".", zone and any other zones I
> configure; e.g. "isolation."?  This would seem to be the way to go about it,
> but I'm having some difficulty visualizing it in my head.  I just did some
> searches online for the O'Reilly book "DNS & BIND".  I recall using this
> book in the past and it was quite helpful (and unfortunately for me,
> belonged to my former employers).  Would this book be a good reference for
> this task as well, or are there better books that I might want to look into
> getting for this?  Or, are there good on-line resources that could help me
> muddle through?

You're on the right track.  Yes, you'd need a zone file for the root of
your DNS -- if it's all served from one machine then that would replace the
'hint' zone and named.root stuff in the example named.conf.

The zone file for '.' would contain an SOA record and then delegation for
whatever forward and reverse domains you want to use.  E.g. supposing you
want to use the TLD 'in.isolation' with IP numbers from 192.168.0.0/24
then you'd need something like:

    ;
    ; Root of the private domain name system
    ;
    $TTL 604800    ; 1 week

    @             IN      SOA ns0.in.isolation. hostmaster.in.isolation. (
                              2006120100 ;  Serial
                              1800       ;  Refresh (30min)
                              900        ;  Retry (15min)
                              604800     ;  Expire (1week)
                              86400 )    ;  Minimum (1day)
    @                        IN  NS ns0.in.isolation.  ; NS for the root zone itself (BIND needs one at the apex)
    in.isolation.            IN  NS ns0.in.isolation.
    0.168.192.in-addr.arpa.  IN  NS ns0.in.isolation.
    ns0.in.isolation.        IN  A 192.168.0.1   ; Glue
    ;
    ; That's All Folks!
    ;

Then you'd need the zone files for 'in.isolation.' and
'0.168.192.in-addr.arpa'.

The O'Reilly book 'DNS & BIND' by Albitz and Liu is well worth obtaining.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       7 Priory Courtyard
                                                      Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey         Ramsgate
                                                      Kent, CT11 9PW
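
The named.conf change described in the reply above, written out as an added
example that is not part of the original message or of any shipped
configuration. The directory, the zone file names and the option settings
are assumptions for a single server at 192.168.0.1 serving every zone.

```conf
// named.conf for one authoritative server on an isolated network.
// Added example: paths, file names and option values are assumptions.

options {
    directory "/etc/namedb";       // assumed working directory
    listen-on { 192.168.0.1; };    // ns0.in.isolation, per the glue record
    recursion no;                  // every zone is local; there is nothing
                                   // upstream to recurse to
    allow-transfer { none; };      // single server, no secondaries
};

// The stock configuration points '.' at the Internet root servers:
//
//     zone "." { type hint; file "named.root"; };
//
// On the isolated network that stanza is removed and '.' becomes an
// ordinary master zone, loaded from the private root zone file.
zone "." {
    type master;
    file "master/root.db";         // the root zone shown in the reply
};

// Forward zone delegated from the private root.
zone "in.isolation" {
    type master;
    file "master/in.isolation.db";
};

// Reverse zone for 192.168.0.0/24, also delegated from the private root.
zone "0.168.192.in-addr.arpa" {
    type master;
    file "master/0.168.192.in-addr.arpa.db";
};
```

Running named-checkconf on the file and named-checkzone on each zone file
before starting named catches syntax errors and a missing SOA or NS record.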
