private/internal db file question...

Gary Kline kline at tao.thought.org
Thu Jun 23 02:32:46 GMT 2005


On Thu, Jun 23, 2005 at 03:56:26AM +0300, Giorgos Keramidas wrote:
> On 2005-06-22 17:13, Gary Kline <kline at tao.thought.org> wrote:
> > Folks,
> > After years of trying, I may have my private/internal DNS db files
> > working.  From a colo machine I can reach my internal servers.  One
> > small question for the DNS wizards out there: are the last
> > ".in-addr.arpa" lines considered good-form?  Can I blow them away or
> > uncomment them?
> 
> Strip them off.

	Thank you.


> 
> You didn't specify which zone this file was a database for, but looking at the
> commented lines it seems like it's the reverse resolution database for
> 10.0.0.0/8 (your internal network).  DNS records in zone files like this one
> refer to addresses "relative" to the zone itself, which is probably defined as
> the following in your named.conf configuration file:
> 
>     zone "0.0.10.IN-ADDR.ARPA" {
>             type master;
>             file "master/10.0.0.rev";
>     };

	In named.conf I have two files; one is the .rev table:

zone "db.private" {
      type master;
      file "/etc/namedb/s/db.private";
      allow-query {
               127.0.0.1/32; 10.0.0.0/8;
               };
};
zone "db/private.rev" {
      type master;
      file "/etc/namedb/s/db.private.rev";
      allow-query {
               127.0.0.1/32; 10.0.0.0/8;
               };
};

	Below the SOA in db.private is:

;
;; real nameserver:
;
        IN    NS    ns1.thought.org.



;
;    Machines names
;
;name    ttl    class    type    data
localhost  IN A       127.0.0.1
;
ethic                   IN A  10.0.0.220
tao                     IN A  10.0.0.247
sage                    IN A  10.0.0.1
zen                     IN A  10.0.0.249


	ns1, aka sage, is defined in my main DNS table, db.thought.org.


> 
> This definition of the zone in named.conf declares that addresses of the form
> 10.0.0.X will be looked up as PTR records of X in the file "master/10.0.0.rev"
> under your named server root directory, i.e.
> 
> 	ADDRESS		DB-FILE				RECORD
> 	10.0.0.1	master/10.0.0.rev		1
> 	10.0.0.2	master/10.0.0.rev		2
> 	...
> 	10.0.0.254	master/10.0.0.rev		254
> 
> Usually, the most tricky part is grasping that "1.0.0.10.IN-ADDR.ARPA." is
> what BIND looks up to find the name (or names) associated with the address
> 10.0.0.1 (note the reversed byte order of the address parts).


	Well, it's not only tricky, it's bloody confusing...  :-)

> 
> > ;name    ttl    class    type    data
> > 1        IN    PTR    localhost
> > 1       IN    PTR    sage
> > 220     IN    PTR    ethic
> > 247     IN    PTR    tao
> > 249     IN    PTR    zen
> 
> These look mostly ok, but you may want to fix the following:
> 
>   - "localhost" is usually assigned to 127.0.0.1, not 10.0.0.1
>   - the "IN" column is *NOT* the TTL (time to live) of a record


	What would you replace these row tags with?  (I got these from
	another database file, obv'ly.)

	;name    ttl    class    type    data

	Would:

	;record  class pointer name 

	make sense?  (Help me keep these details straight, in other
	words:)

	gary

> 
> > ;
> Note that O'Reilly has an excellent book ("DNS & BIND") which you may
> find immensely useful in setting up practically any sort of DNS server.
> 

	PS:  YES!!  I read ed 3 and bought edition 4; they helped me
	get going when I only had one FBSD system.  ....


-- 
   Gary Kline     kline at thought.org   www.thought.org     Public service Unix
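The two points Giorgos makes above (the reverse zone is named after the reversed address octets, and a bare "IN" in the second column is the class, not a TTL) are easy to get wrong by hand, so here is an added worked example that is not part of the original mail or of BIND: it parses master-file records with the optional ttl/class columns handled correctly, derives the `0.0.10.in-addr.arpa.` zone name from the network, generates PTR records from the forward A records, and checks an existing reverse file for the two problems flagged in the thread (a PTR to `localhost` inside the private network, and relative PTR targets, which BIND completes with the in-addr.arpa origin rather than the forward zone). The forward origin `private.` and the `10.0.0.0/24` network are assumptions; the sample records are constructed from the lines quoted in the mail.

```python
"""Added example (not from the original mail or from BIND): build and
sanity-check a 0.0.10.in-addr.arpa reverse zone from forward A records.
Assumptions: forward origin "private.", network 10.0.0.0/24."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

CLASSES = {"IN", "CH", "HS"}
TYPES = {"A", "AAAA", "PTR", "NS", "SOA", "CNAME", "MX", "TXT"}

# Constructed sample modeled on the db.private lines quoted in the mail.
FORWARD_ZONE = """\
localhost  IN A       127.0.0.1
ethic                   IN A  10.0.0.220
tao                     IN A  10.0.0.247
sage                    IN A  10.0.0.1
zen                     IN A  10.0.0.249
"""
# Constructed sample modeled on the reverse records quoted in the mail.
REVERSE_ZONE = """\
1        IN    PTR    localhost
1       IN    PTR    sage
220     IN    PTR    ethic
247     IN    PTR    tao
249     IN    PTR    zen
"""


@dataclass
class RR:
    name: str
    ttl: Optional[int]   # None when the record inherits the zone default
    rclass: str
    rtype: str
    data: str


def parse_zone(text: str) -> list[RR]:
    """Parse lines of the form: name [ttl] [class] type data.
    ttl and class are both optional, so a bare "IN" is the class, not a TTL."""
    records, last_owner = [], "@"
    for raw in text.splitlines():
        body = raw.split(";", 1)[0].rstrip()            # strip comments
        if not body.strip() or body.lstrip().startswith("$"):
            continue                                    # blank or $ directive
        tokens = body.split()
        # a line starting with whitespace reuses the previous owner name
        owner = last_owner if raw[0] in " \t" else tokens.pop(0)
        ttl, rclass = None, "IN"
        while tokens and tokens[0].upper() not in TYPES:
            tok = tokens.pop(0)
            if tok.isdigit():
                ttl = int(tok)
            elif tok.upper() in CLASSES:
                rclass = tok.upper()
            else:
                raise ValueError(f"unexpected token {tok!r} in {raw!r}")
        if not tokens:
            raise ValueError(f"no record type in {raw!r}")
        rtype = tokens.pop(0).upper()
        records.append(RR(owner, ttl, rclass, rtype, " ".join(tokens)))
        last_owner = owner
    return records


def reverse_name(ip: str) -> str:
    """10.0.0.1 -> 1.0.0.10.in-addr.arpa. (octets reversed, as the mail explains)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def reverse_zone(network: str) -> tuple[str, int]:
    """Zone name for an octet-aligned network plus the number of address
    octets left over as the record label: 10.0.0.0/24 -> ('0.0.10.in-addr.arpa.', 1)."""
    net = ipaddress.ip_network(network)
    if net.prefixlen % 8:
        raise ValueError("only /8, /16 and /24 map to a single in-addr.arpa zone")
    kept = net.prefixlen // 8
    octets = str(net.network_address).split(".")[:kept]
    return ".".join(reversed(octets)) + ".in-addr.arpa.", 4 - kept


def ptr_label(ip: str, network: str) -> str:
    """Owner name of the PTR record for ip inside the reverse zone of network."""
    _, n = reverse_zone(network)
    return ".".join(reversed(ip.split(".")[4 - n:]))


def generate_reverse(forward: list[RR], origin: str, network: str) -> list[str]:
    """PTR records for every A record inside network.  localhost's 127.0.0.1
    falls outside 10.0.0.0/24 and is left out; every target gets a trailing dot."""
    net = ipaddress.ip_network(network)
    out = []
    for rr in forward:
        if rr.rtype == "A" and ipaddress.ip_address(rr.data) in net:
            fqdn = rr.name if rr.name.endswith(".") else f"{rr.name}.{origin}"
            out.append(f"{ptr_label(rr.data, network)}\tIN\tPTR\t{fqdn}")
    return out


def check_reverse(reverse: list[RR], forward: list[RR], network: str) -> list[str]:
    """Flag a PTR to localhost inside the private net, relative targets (BIND
    appends the in-addr.arpa origin), and labels disagreeing with the A records."""
    net = ipaddress.ip_network(network)
    zone, _ = reverse_zone(network)
    expected = {ptr_label(rr.data, network): rr.name.rstrip(".").split(".")[0]
                for rr in forward
                if rr.rtype == "A" and ipaddress.ip_address(rr.data) in net}
    problems = []
    for rr in reverse:
        if rr.rtype != "PTR":
            continue
        host = rr.data.rstrip(".").split(".")[0]
        if host == "localhost":
            problems.append(f"{rr.name}: localhost belongs to 127.0.0.1, not {network}")
            continue
        if not rr.data.endswith("."):
            problems.append(f"{rr.name}: '{rr.data}' is relative, resolves to {rr.data}.{zone}")
        if expected.get(rr.name) != host:
            problems.append(f"{rr.name}: A record says {expected.get(rr.name)!r}, PTR says {host!r}")
    return problems


if __name__ == "__main__":
    fwd, rev = parse_zone(FORWARD_ZONE), parse_zone(REVERSE_ZONE)
    print("\n".join(generate_reverse(fwd, "private.", "10.0.0.0/24")))
    print("\n".join(check_reverse(rev, fwd, "10.0.0.0/24")))
```

Run against the quoted reverse records, the checker reports the `1 IN PTR localhost` line and then each of the four relative targets; the generated records are what the `0.0.10.in-addr.arpa` file should contain, and the zone name returned by `reverse_zone` is what the `zone "..."` statement in named.conf has to be called for BIND to consult that file at all.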



More information about the freebsd-questions mailing list