Is there a tinydns or dns wizard that could give me some hints, please?
I am setting up and testing tinydns, but have some problems figuring out how to route. I do get dnscache to listen on tinydns. Also I do not understand why it will not answer the given ip (127.0.0.1) to the name server.
1. Both services are up and running and seem to be working fine, so why no reply (on the first query/reply below)?
2. I am behind a firewall/router and have dynamic ip address from my isp. Can I set up the name server to be dynamic or how can I solve this by routing?
--config info
Dnscache is listening to the local nic 192.168.1.102
tinydns is listening to the local nic 192.168.1.100
Here's the query to dnscache where no ip given back:
# dnsqr a test.example.net
1 test.example.net:
34 bytes, 1+0+0+0 records, response, noerror
query: 1 test.example.net

# dnsqr a server1.test.example.net
1 server1.test.example.net:
58 bytes, 1+1+0+0 records, response, noerror
query: 1 server1.test.example.net
answer: server1.test.example.net 86400 A 192.168.1.102

# cat /etc/dnscache/log/main/current | grep tx
@4000000043d9f8b118a12724 tx 0 1 test.example.net. test.example.net. 7f000001 c0a80164
@4000000043d9f8b5212dcc1c tx 0 1 server1.test.example.net. test.example.net. c0a80164 7f000001

# cat /etc/tinydns/root/data
.test.example.net:127.0.0.1:a:259200
.1.168.192.in-addr.arpa:127.0.0.1:a:259200
=server1.test.example.net:192.168.1.102:86400
On 1/27/06, Kai Sandsengen centos.newsgroup@sandsengen.com wrote:
Is there a tinydns or dns wizard that could give me some hints, please?
Any reason you're using tinydns as opposed to bind? I can throw a couple sample zones your way for bind, but I've never looked at tinydns (given that it doesn't come with centos and all :-P )
-- Jim Perrin System Architect - UIT Ft Gordon & US Army Signal Center
Jim Perrin wrote:
Any reason you're using tinydns as opposed to bind? I can throw a couple sample zones your way for bind, but I've never looked at tinydns (given that it doesn't come with centos and all :-P )
Yes I know.... but centos can run this also :) No specific reason, other than I've been told that it's lighter than bind and more secure, but I wouldn't know. Also I have reasonably good documentation on how to get it up and running. Only trying it out.
The sample zones for bind would be very much appreciated.
kai
sender: "Jim Perrin" date: "Fri, Jan 27, 2006 at 08:11:09AM -0500" <<<EOQ
On 1/27/06, Kai Sandsengen centos.newsgroup@sandsengen.com wrote: Any reason you're using tinydns as opposed to bind? I can throw a couple sample zones your way for bind, but I've never looked at tinydns (given that it doesn't come with centos and all :-P )
How about these reasons: http://cr.yp.to/djbdns/blurb/easeofuse.html ?
And yes, it doesn't come with CentOS but there are .rpms available around the net, like here: http://djbware.csi.hu/
Is there a tinydns or dns wizard that could give me some hints, please?
I am setting up and testing tinydns, but have some problems figuring out how to route. I do get dnscache to listen on tinydns. Also I do not understand why it will not answer the given ip (127.0.0.1) to the name server.
http://cr.yp.to/djbdns/dnscache.html at the bottom: Special names, I quote:
"dnscache handles localhost internally, giving it an A record of 127.0.0.1.
dnscache handles 1.0.0.127.in-addr.arpa internally, giving it a PTR record of localhost.
dnscache handles dotted-decimal domain names internally, giving (e.g.) the domain name 192.48.96.2 an A record of 192.48.96.2)"
- Both services are up running and seems to be working fine, so why no
reply, (on the first query/reply below)?
.test.example.net:127.0.0.1:a:259200
.1.168.192.in-addr.arpa:127.0.0.1:a:259200
=server1.test.example.net:192.168.1.102:86400
Simple. Because you did not set an IP address for test.example.net. You should add this to your data file:
=test.example.net:192.168.1.102:86400
- I am behind a firewall/router and have dynamic ip address from my
isp. Can I set up the name server to be dynamic or how can I solve this by routing?
Services like those offered by no-ip.com or dyndns.com might be better suited for this kind of setup.
Hope it helps, Alex
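The record expansion behind the answer above, as an added example that is not part of the original thread: it expands the posted data file the way tinydns-data treats `.` and `=` lines and decodes the server addresses from the dnscache `tx` log lines. The function names `expand`, `lookup` and `hex_ip` are illustrative, and only `.` lines with the x field present and `=` lines are handled.

```python
import ipaddress

# tinydns data file exactly as posted in the thread.
DATA = """\
.test.example.net:127.0.0.1:a:259200
.1.168.192.in-addr.arpa:127.0.0.1:a:259200
=server1.test.example.net:192.168.1.102:86400
"""
FIX = "=test.example.net:192.168.1.102:86400\n"  # line suggested in the reply

def expand(data):
    """Expand '.' and '=' tinydns-data lines into (name, type, value) records."""
    records = []
    for line in data.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        kind, fields = line[0], line[1:].split(":")
        fqdn, ip = fields[0].lower(), fields[1]
        if kind == ".":
            x = fields[2]  # without a dot it names the server x.ns.fqdn
            ns = x if "." in x else f"{x}.ns.{fqdn}"
            records += [(fqdn, "SOA", ns), (fqdn, "NS", ns)]
            if ip:  # the A record belongs to the name server, not to fqdn
                records.append((ns, "A", ip))
        elif kind == "=":
            ptr = ipaddress.ip_address(ip).reverse_pointer
            records += [(fqdn, "A", ip), (ptr, "PTR", fqdn)]
    return records

def lookup(records, name, rtype):
    """Return the values of all records matching name and type."""
    return [v for n, t, v in records if n == name.lower() and t == rtype]

def hex_ip(field):
    """Decode a server address as written in dnscache 'tx' log lines."""
    return str(ipaddress.ip_address(bytes.fromhex(field)))

if __name__ == "__main__":
    for label, data in (("as posted", DATA), ("with fix", DATA + FIX)):
        recs = expand(data)
        print(label, "test.example.net A:", lookup(recs, "test.example.net", "A"))
    recs = expand(DATA)
    print("a.ns.test.example.net A:", lookup(recs, "a.ns.test.example.net", "A"))
    print("tx servers:", hex_ip("7f000001"), hex_ip("c0a80164"))
```

With the suggested `=` line added, 192.168.1.102 ends up with two PTR records; tinydns-data's `+fqdn:ip:ttl` line type creates the A record without a PTR.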
Alexandru E. Ungur wrote:
=server1.test.example.net:192.168.1.102:86400
Simple. Because you did not set an IP address for test.example.net. You should add this to your data file:
=test.example.net:192.168.1.102:86400
Thank you, ended up blind, was a little confused about the service vs publishing addresses, was afraid to cause conflict. Most sample configs are stuffed with IPs, and I am testing one machine with 2 NICs.
- I am behind a firewall/router and have dynamic ip address from my
isp. Can I set up the name server to be dynamic or how can I solve this by routing?
Services like those offered by no-ip.com or dyndns.com might be better suited for this kind of setup.
The service I am setting up actually has a domain name from dyndns; since there is no problem with the routing towards my machine, I am only setting up a local dns. Needed to get this working.
I assume that dyndns are delegating the responsibility by default?
Hope it helps, Alex
Yes, it helped me very much, thank you
On Friday 27 January 2006 08:14, Alexandru E. Ungur wrote:
Any reason you're using tinydns as opposed to bind? I can throw a couple sample zones your way for bind, but I've never looked at tinydns (given that it doesn't come with centos and all :-P )
How about these reasons: http://cr.yp.to/djbdns/blurb/easeofuse.html ?
Boy, that would be funnier if it wasn't just so WRONG...
As somebody who's used djb's various non-standard and often incompatible re-writes of standard tools, the servers with the most painful costs to support are those with djb's stuff installed.
It's been a long time since bind was remotely exploitable, and even so, updating named when something is found is as simple as
yum -y update; service named restart;
which should be part of your standard maintenance schedule, anyway.
DJB's stuff is so old and infrequently updated, that now it often comes with a "standard set of patches" that must be applied before it will even compile! Furthermore, the license behind DJB's stuff is terrible - no binary distribution, etc. It's typical to be forced to recompile it just to apply a minor config change, making scripting of such updates and changes virtually impossible.
If you want bind managed easily, Webmin is a good bet for making it "idiot proof".
Sorry - I once was sold on the idea of djb's tools and Qmail, and I've regretted installing it ever since. Save yourself some serious agony - run (don't walk!) away from djb-ANYTHING!
-Ben
sender: "Benjamin Smith" date: "Fri, Jan 27, 2006 at 04:33:58PM -0800" <<<EOQ
[stuff deleted] If you want bind managed easily, Webmin is a good bet for making it "idiot proof".
No thanks. If I want to screw up bind's (or any other program's for that matter) configuration files, I can do that by hand, don't need Webmin to help me :)
Sorry - I once was sold on the idea of djb's tools and Qmail, and I've regretted installing it ever since. Save yourself some serious agony - run (don't walk!) away from djb-ANYTHING!
I don't know what problems you had with it, but I'm happily using it on about 20 servers (both djbdns and qmail) and never had a problem with it. I'll remember your advice when I encounter my first problem, though I may just as well read the docs again when that happens... :)
Cheers, Alex