Re: DNS: configure bind9 to resolve only a certain IP-range
On Mon, 23 Jun 2003, Hans Wilmer wrote:
> Arthur H. Johnson II wrote:
>
> >>how can I configure bind9 so that it would (reverse-)resolve a certain
> >>range of IP-addresses only within a zone?
> >>
> >>I4ve been browsing through some documentations, but I couldn4t find any
> >>option or something like that to tell bind that it is responsible for a
> >>designated range of addresses only. Is this even possible?
> >>
> >
> > If you configure a zone to be authoratitive on a name server it will
> > override any zones that are on the outside network. In otherwords, if you
> > configure a zone called yahoo.com and in the hosts file put www.yahoo.com
> > to point to 192.168.1.80 then it will override the www.yahoo.com most
> > people get to. Master Zones override Hint Zones in other words.
>
> Well, ok, but how does this help to solve the problem? The nameserver is
> and should be authoritative for our designated range of IP-addresses, but
> not for others. What4s the usual way to tell it so?
>
> Setting the reverse-lookup zone from type master to type hint didn4t help.
>
>
> GH
>
>
I guess I am not following what you are up to. How have you installed
BIND, from apt or from source?
When I configure a nameserver, I usually allow it to do "caching"
nameserving. To do this, at the top of your named.conf file, put:
zone "." {
type hint;
file "/etc/bind/db.root";
};
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
you can retrieve db.root from ftp://ftp.internic.com. Then configure your
zone files as you want them. These zone files will override the hint
zone, so if you configure yahoo.com to resolve to 192.168.0.0 subnet, it
will override whatever yahoo publishes as their domain.
--
Arthur H. Johnson II, arthur@usol.com
AIM: bytor4232
YIM: arthurjohnson
IRC: By-Tor@irc.debian.org
Reply to: