|
OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD. |
|
Thread Tools | Display Modes |
|
|||
OpenBSD As DNS Server
Hi Guys!
Please Help me to solve these questions : 1- which of FreeBSD or OpenBSD is better ( security+stable ) for DNS Server ? 2- is important turn on and configure server firewall or no ? i want to install and configure BIND DNS Server . in the first step : install bind . in the second step i want to manage these domain and sub domains : main domain : test.com ( Not Real just Test Reason ) sub domains : armenia.test.com - america.test.com - mma.test.com and all off these sub domains has sub domain ( two level domains ) like : de.armenia.test.com en.armenia.test.com sp.armenia.test.com . . the problem is here : i can not configure these two level sub domains!!he problem is here : i can not configure these two level sub domains!! if there is any sample of configuring+sub domains+(two or Three level of sub somains ) please help me .f there is any sample of configuring+sub domains+(two or Three level of sub somains ) please help me . if there was a text file that somebody do before please upload here and let me to use .f there was a text file that somebody do before please upload here and let me to use . Best Wishes 3v1l |
|
|||
At this moment I am not able to test , but the following modification of the example of Authoritative only BIND nameserver for local domain should define two sub-domains of de.filo:
Zone file: Code:
; Zone file for de.filo $TTL 86400 @ IN SOA ns1.de.filo. j65.de.filo. ( 2009120802 ; serial, todays date+todays 86400 ; refresh, seconds 7200 ; retry, seconds 3600000 ; expire, seconds 86400 ) ; minimum, seconds IN NS ns1.de.filo. IN NS ns2.de.filo. IN MX 0 mail.de.filo. localhost IN A 127.0.0.1 ns1 IN A 192.168.222.245 ns2 IN A 192.168.222.200 mail IN A 192.168.222.20 www IN A 192.168.222.20 ftp IN A 192.168.222.20 ; sub-domains frankfurt IN NS ns1.de.filo. IN NS ns2.de.filo. freiburg IN NS ns1.de.filo. IN NS ns2.de.filo.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump Last edited by J65nko; 5th February 2014 at 07:53 PM. Reason: Forgot to add the ".' at the end of the sub-domain nameservers |
|
|||
ok ,, thanks i will test and back here.
|
|
|||
Small but essential correction. With the original zone file I posted this is the result of a query for the nameservers for the sub-domain:
Code:
$ dig +norecurse -t ns frankfurt.de.filo @192.168.222.20 ; <<>> DiG 9.4.2-P2 <<>> +norecurse -t ns frankfurt.de.filo @192.168.222.20 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19990 ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;frankfurt.de.filo. IN NS ;; AUTHORITY SECTION: frankfurt.de.filo. 86400 IN NS ns1.de.filo.de.filo. frankfurt.de.filo. 86400 IN NS ns2.de.filo.de.filo. ;; Query time: 17 msec ;; SERVER: 192.168.222.20#53(192.168.222.20) ;; WHEN: Wed Feb 5 20:51:34 2014 ;; MSG SIZE rcvd: 79 The corrected version: Code:
; sub-domains frankfurt IN NS ns1.de.filo. IN NS ns2.de.filo. freiburg IN NS ns1.de.filo. IN NS ns2.de.filo. Code:
$ dig +norecurse -t ns frankfurt.de.filo @192.168.222.20 ; <<>> DiG 9.4.2-P2 <<>> +norecurse -t ns frankfurt.de.filo @192.168.222.20 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63242 ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;frankfurt.de.filo. IN NS ;; AUTHORITY SECTION: frankfurt.de.filo. 86400 IN NS ns1.de.filo. frankfurt.de.filo. 86400 IN NS ns2.de.filo. ;; ADDITIONAL SECTION: ns1.de.filo. 86400 IN A 192.168.222.245 ns2.de.filo. 86400 IN A 192.168.222.200 ;; Query time: 1 msec ;; SERVER: 192.168.222.20#53(192.168.222.20) ;; WHEN: Wed Feb 5 20:56:56 2014 ;; MSG SIZE rcvd: 103
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Quote:
Quote:
Last edited by ocicat; 5th February 2014 at 10:31 PM. Reason: Correct spelling error. Oopsie... |
|
||||
To clarify ocicat's comments:
|
|
||||
Quote:
one can literally use the same BIND zone files. |
|
|||
Oko, yes that is correct. NSD can use the BIND zone format.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
OpenBSD NFS server over TCP performance | mickywicky | OpenBSD General | 1 | 30th December 2013 01:47 AM |
ssh server on OpenBSD | MarinosK | OpenBSD General | 4 | 16th February 2011 07:38 PM |
How to build a OpenBSD server? | fender0107401 | OpenBSD Installation and Upgrading | 6 | 15th October 2010 07:11 PM |
OpenBSD as a PPP Dialup Server | jjjustjjjay | OpenBSD General | 2 | 20th April 2010 01:58 PM |