In http://www.bsdforums.org/forums/show...61&postcount=1 I explained the dual roles of a nameserver: authoritative and recursive resolver.
For a recursive resolver you only need the minimal configuration as explained in the 3rd chapter of the BIND 9 Administrator Reference Manual which you can find in /usr/share/doc/html/bind/Bv9ARM.ch03.html
You only need a master zone if you configure BIND as a primary/master authoritative nameserver. A master authoritative nameserver answers questions about the domains it is authoritative for from the zone file(s).
A slave authoritative nameserver gets its zone information from a master nameserver.
The master/slave thing is just a way to replicate information from one authoritative nameserver to other nameservers.
The "/etc/resolv.conf" should only contain the IP addresses of caching nameservers.
You can set up a local authoritative nameserver with a zone with a non-official TLD.
On my local LAN at home I use xnet.
Code:
$ dig +norecurse -t ns utp.xnet @192.168.222.11
; <<>> DiG 9.3.4 <<>> +norecurse -t ns utp.xnet @192.168.222.11
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9708
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;utp.xnet. IN NS
;; ANSWER SECTION:
utp.xnet. 259200 IN NS ns1.utp.xnet.
;; ADDITIONAL SECTION:
ns1.utp.xnet. 259200 IN A 192.168.222.11
;; Query time: 1 msec
;; SERVER: 192.168.222.11#53(192.168.222.11)
;; WHEN: Wed May 28 02:09:04 2008
;; MSG SIZE rcvd: 60
I have a tinydns authoritative nameserver running at 192.168.222.11 which is an alias IP address. The aa flag in the dig query stands for Authoritative Answer.
On 192.168.222.10 is my dnscache recursive resolver.
Code:
$ dig ns1.utp.xnet
; <<>> DiG 9.3.4 <<>> ns1.utp.xnet
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53169
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ns1.utp.xnet. IN A
;; ANSWER SECTION:
ns1.utp.xnet. 258816 IN A 192.168.222.11
;; Query time: 1 msec
;; SERVER: 192.168.222.10#53(192.168.222.10)
;; WHEN: Wed May 28 02:19:16 2008
;; MSG SIZE rcvd: 46
This is from the recursive resolver which is listed in my /etc/resolv.conf file. Notice the missing aa flag, indicating that it is not an authoritative answer.
Re: dynamic DNS
IMHO dynamic DNS is evil, it relies on the completely insecure DHCP protocol. For a home network I would just assign fixed IP addresses.
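
The flags lines in the two dig outputs above (`qr aa` and `qr rd ra`) are bits in the 12-byte DNS header. The following is an added example, not part of the original post: it decodes that header and labels the reply as authoritative or not. The sample packets are constructed to match the ids, flags and counts dig printed, and the function names are this example's own.

```python
import struct

# Bit masks in the 16-bit flags word of the DNS header (RFC 1035, section 4.1.1)
QR, AA, TC, RD, RA = 0x8000, 0x0400, 0x0200, 0x0100, 0x0080
FLAG_NAMES = [("qr", QR), ("aa", AA), ("tc", TC), ("rd", RD), ("ra", RA)]


def parse_header(packet: bytes) -> dict:
    """Decode the fixed 12-byte DNS header into the fields dig prints."""
    if len(packet) < 12:
        raise ValueError("DNS header is 12 bytes, got %d" % len(packet))
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", packet[:12])
    return {
        "id": ident,
        "flags": [name for name, bit in FLAG_NAMES if flags & bit],
        "rcode": flags & 0x000F,          # 0 = NOERROR
        "counts": (qd, an, ns, ar),       # QUERY, ANSWER, AUTHORITY, ADDITIONAL
    }


def classify(header: dict) -> str:
    """Label a message from its flags, the way the post reads the dig output."""
    f = header["flags"]
    if "qr" not in f:
        return "query"
    if "aa" in f:
        return "authoritative answer"
    if "ra" in f:
        return "non-authoritative answer, recursion available"
    return "non-authoritative answer, recursion not offered"


def build_query_header(ident: int, recurse: bool) -> bytes:
    """Header of a one-question query; recurse=False clears RD like dig +norecurse."""
    return struct.pack("!6H", ident, RD if recurse else 0, 1, 0, 0, 0)


# Constructed sample headers reproducing the two dig outputs (no network needed).
AUTH_REPLY = struct.pack("!6H", 9708, QR | AA, 1, 1, 0, 1)         # from 192.168.222.11
CACHE_REPLY = struct.pack("!6H", 53169, QR | RD | RA, 1, 1, 0, 0)  # from 192.168.222.10

if __name__ == "__main__":
    for pkt in (AUTH_REPLY, CACHE_REPLY, build_query_header(1, recurse=False)):
        h = parse_header(pkt)
        print(h["id"], " ".join(h["flags"]) or "-", h["counts"], "->", classify(h))
```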