secondary DNS probem
Stephen Carville
stephen at totalflood.com
Wed May 16 18:01:24 UTC 2007
sylvan dacounha wrote:
> Dear All,
>
> I have a REDHAT box running bind and been working fine for last few
> months.
> this server was hosting my other other local domains also which were all
> workin fine
>
> i installed a new redhat machine with bind to be a secondary or slave
> named server a week ago as per the documentation .
> so if my primary server goes down all my clients and the inrternet
> users can still access my my web sites.
>
> Now when i restart my primary i c the zones gettin transferred to my
> secondary DNS which i newly setup and when i do a nslookup goin into the
> server for internet sites ex: www.yahoo.com it does not resolve them
>
> but the sites hosted in my netwrok im able to resolve them fine
>
> here the details
>
> my master name server .. ns1.kmun.gov.kw ---- IP
> 62.150.152.1
> slave server which new installed .. ns2.kmun.gov.kw ------- IP
> 62.150.152.2
Looks like 62.150.152.2 is set with recursion off. That means it will
only answer for zones it is authoritative for. If you want it to be a
server for others to query, set recursion to yes. You are using Bind 9
(v9.3.4) so you can set an access list for allow-recursion.
Something like:
acl allowed-nets { x.x.x.0/24; y.y.200.0/21; };
options {
recursion yes;
allow-recursion { allowed-nets; };
};
The allow-recursion is optional but without it, sooner or later, some
dickhead script kiddie will try a DOS on you.
> if i go to server ns1.kmun.gov.kw or the ip i can resolve both the
> internet sites as well as my local domain ...
>
> appreciate ur help
>
> thnks and Regards
>
>
>
> simon
>
>
>
>
>
>
>
> ---------------------------------
> Pinpoint customers who are looking for what you sell.
--
Stephen Carville <stephen at totalflood.com>
Systems Engineer
Land America
1.626.667.1450 X326
More information about the redhat-list
mailing list