[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Problem configure Bind9

Christian Maier wrote:

> I have installed bind9 and for now I have trouble configuring it. I
> have done all steps discribed in some tuts. Digging google for exapmle
> works pretty good (forwarders are ok I think) but digging example.com
> fails.

I hope you're not actually trying to do this against example.com literally;
that could be part of your problem if you're doing this as an exercise. 
Hiding what zone you're having trouble with isn't going to help you
security-wise and only makes it harder to troubleshoot since we can't see
what you're seeing without knowing the zone you're having problems with.

> // Do not modify the following lines!
>                                                         2006081401
>                                                         28800
>                                                         3600
>                                                         604800
>                                                         38400
>  )

The serial should always be changed every edit.  Reccommended format is
yyyymmddss where ss is the serial (first edit 00, second edit 01, third
edit 02, etc for each day).  The serial number can be any integer larger
than what it was the last time you edited the zone.  I suggest looking up
and labelling the other values with some comments for your own use later;
they effect how long information from your zone remains cached by other
name servers when they check your zone on behalf of other hosts.
>                      IN    NS     localhost.
> 1                    IN    PTR    example.com

Probably should be...

1               IN      PTR     example.com.

...because the trailing period is important.  You'll also need...

$ORIGIN 0.168.192.

...at the top of the file.  As you have it right now, that line can't
resolve to anything sane.  Without the . it's going to try to tack on
the zone name, and without the $ORIGIN, it won't know how to complete
the IP at the beginning.  I would hazard to guess as you have it right
now that if you did a reverse lookup on "1" you would get
"example.com.0.168.192" or something similarly nonsensical.

Reply to: