[GLLUG] Building a new system

Melson, Paul PMelson at sequoianet.com
Fri Jul 25 13:19:06 EDT 2003


The named.conf isn't all that bad.  Here's a working one from a domain
that's now defunct.  (The name has been changed to protect the
less-than-innocent.)

--- cut ---
acl clients {
  localnets;
  ::1;
};

options {
  allow-recursion { clients; };
  check-names master warn;
};

logging {
  category lame-servers { null; };
};

// root.hint should be current & comes w/ BIND
zone "." {
  type hint;
  file "standard/root.hint";
};

zone "localhost" {
  type master;
  file "standard/localhost";
  allow-transfer { localhost; };
};

zone "127.in-addr.arpa" {
  type master;
  file "standard/loopback";
  allow-transfer { localhost; };
};

zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa"
{
  type master;
  file "standard/loopback6.arpa";
  allow-transfer { localhost; };
};

zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.int"
{
  type master;
  file "standard/loopback6.int";
  allow-transfer { localhost; };
};

zone "asdf.com" {
  type master;
  file "master/asdf.com";
};
-- paste --

Then you just need to set up your master zone file, "asdf.com":

--- cut ---
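@       IN SOA  @ hostmaster.asdf.com. (
                2003072401 ; serial YYYYMMDDNN
                4H         ; refresh
                20M        ; retry
                1W         ; expiry
                1D )       ; minimum

; Lines that start with whitespace inherit the previous owner name (@ here).
; The trailing dot keeps BIND from appending the origin to the target.
        IN NS   ns1.asdf.com.

        IN MX   10 mail.asdf.com.

asdf.com.       IN A    198.195.ccc.ddd
www     IN CNAME asdf.com.
ns1     IN A    198.195.ccc.ddd
mail    IN A    198.195.ccc.ddd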
-- paste --

In this case, the web server, mail server, and BIND are all running on
the same box, so asdf.com == www.asdf.com == mail.asdf.com ==
ns1.asdf.com.  You wouldn't do this for a large network, but if it's
just you and your static IP DSL line, then it's no big deal.  The one
thing worth mentioning is that you have to create a host record ("A"
record) for your NS and MX records.  You could technically get away with
a CNAME, but this can cause problems with requests that come through DNS
proxies (i.e. Symantec/Raptor firewalls and some Cisco PIX firewalls)
because it's not RFC compliant.  BTW, the serial number in the SOA
record is today's date.  Use whatever you like; I just find that the
date is easy enough to remember and prevents you from having duplicate
serials on the same nameserver.

PaulM


-----Original Message-----
The examples in the BIND HOWTO are actually harder to wade through
because of their use of bad domains (.bogus), and over-use of
"localhost". I think seeing a real example would help a lot.

I think I'd have an easier time understanding what's going on if I could
search&replace something into a working file (even if it's not perfect),
then I could play with that file to see what happens, whereas trying to
set one up from scratch is difficult because the HOWTO keeps doing weird
(to me) things.
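
Added example (not part of the original post or of BIND): a small Python lint for two zone-file pitfalls related to the reply above, namely that a name written without a trailing dot gets the origin appended, and that NS and MX targets need their own A record rather than a CNAME. It parses only a subset of master-file syntax; the function names, example.test and 192.0.2.10 are constructed for illustration.

```python
import re

def parse_zone(text, origin):
    """Subset of master-file syntax -> (owner, type, value); origin ends in '.'."""
    def fqdn(name):  # as BIND does: no trailing dot means "append the origin"
        name = origin if name == "@" else name.lower()
        return name if name.endswith(".") else name + "." + origin
    text = re.sub(r";[^\n]*", "", text)                      # drop comments
    text = re.sub(r"\(([^)]*)\)",                            # join multi-line SOA
                  lambda m: m.group(1).replace("\n", " "), text)
    records, owner = [], origin
    for line in text.splitlines():
        fields = line.split()
        if fields and not line[0].isspace():                 # owner in column 0
            owner = fqdn(fields.pop(0))
        while fields and (fields[0].upper() == "IN" or fields[0][0].isdigit()):
            fields.pop(0)                                    # skip class and TTL
        if len(fields) < 2:
            continue
        rtype, rdata = fields[0].upper(), fields[1:]
        named = rtype in ("NS", "MX", "CNAME")               # data ends in a name
        records.append((owner, rtype, fqdn(rdata[-1]) if named else " ".join(rdata)))
    return records

def check_targets(records, origin):
    """Flag in-zone NS/MX targets that are aliases or lack an address record."""
    has_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    is_alias = {o for o, t, _ in records if t == "CNAME"}
    problems = []
    for _, rtype, target in records:
        in_zone = target == origin or target.endswith("." + origin)
        if rtype not in ("NS", "MX") or not in_zone:
            continue                     # out-of-zone targets need a live lookup
        if target in is_alias:
            problems.append((rtype, target, "target is a CNAME"))
        elif target not in has_addr:
            problems.append((rtype, target, "no A/AAAA record"))
    return problems

# Constructed sample zone with two deliberate mistakes (not the zone from the post).
SAMPLE = """\
@ IN SOA @ hostmaster.example.test. (
    2003072401 4H 20M 1W 1D )
    IN NS ns1.example.test      ; missing trailing dot
    IN MX 10 mail.example.test.
ns1  IN A 192.0.2.10
mail IN CNAME ns1.example.test. ; MX target must not be an alias
"""
for problem in check_targets(parse_zone(SAMPLE, "example.test."), "example.test."):
    print(*problem)
```

The NS line is reported under the name ns1.example.test.example.test., which is what a name server would actually publish for it.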


