Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] New T2 Server Config

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] New T2 Server Config


Chronological Thread 
  • From: Jeff Taylor <shdwdrgn AT sourpuss.net>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] New T2 Server Config
  • Date: Thu, 30 Dec 2010 11:39:44 -0700
  • List-archive: <http://lists.darkdna.net/pipermail/discuss>
  • List-id: <discuss.lists.opennicproject.org>

Well, assuming the basics first off... that you placed this info in the right place of your BIND config (since everyone has a different setup), and that you pointed the file location to the correct place for your setup?

The next thing to look at is which server IP addresses did you list for masters? You should only be listing T1 servers here. I would suggest at least having NS0 (75.127.96.89), NS2 (216.87.84.214), and NS7 (66.244.95.11), however it is probably best to list ALL of the T1 servers to help spread the load out and give better odds of getting updates faster.

If it still doesn't work, give us more details about your setup, or poke somebody on IRC.


On 12/30/2010 06:41 AM, Psilo wrote:
Hello gurus, the config described to slave the dns.opennic.glue zone
doesn't work for me, I get a SERVFAIL response.
I must have missed something, any idea?

2010/12/30 Jeff Taylor<shdwdrgn AT sourpuss.net>:
Actually I don't think there's any need to allow transfers to anyone OTHER
than T1/T2 servers, but you'll need to create an ACL for that list.
However, the only information contained in the zone file is the hostname and
IP address - the same info that is presented on the wiki page, so allowing
an axfr in this case does not disclose any information that was not already
publicly available.


On 12/29/2010 05:38 PM, Larry Brower wrote:

Wouldn't it be better to use tsig keys as opposed to allowing anyone to do
axfr?


Connected by MOTOBLURâ„¢ on T-Mobile

-----Original message-----

From: Julian De Marchi<julian AT jdcomputers.com.au>
To: OpenNIC discussion<discuss AT lists.opennicproject.org>
Sent: Wed, Dec 29, 2010 16:54:28 CST
Subject: [opennic-discuss] New T2 Server Config

Heya--

OpenNIC has a requirement that all T2 servers slavethe
dns.opennic.glue domain. This is to fix some issues that are occuring
when this domain is not slaved.

The original idea was from Avo, but I never had a chance to update the
required documentation.

Add this into your config;

zone "dns.opennic.glue" {
type slave;
file "/etc/bind/zones/slaves/db.dns.opennic";
masters { [server IP number]; [server IP number]; [server IP
number]; };
notify no;
allow-transfer { any; };
};

Sorry for the late info. All documentation for bind has been updated.
Can someone please visit http://wiki.opennic.glue/Tier2ServerConfig
and update the config for other breeds of DNS servers?

--julian
_______________________________________________
discuss mailing list
discuss AT lists.opennicproject.org
http://lists.darkdna.net/mailman/listinfo/discuss

_______________________________________________
discuss mailing list
discuss AT lists.opennicproject.org
http://lists.darkdna.net/mailman/listinfo/discuss


_______________________________________________
discuss mailing list
discuss AT lists.opennicproject.org
http://lists.darkdna.net/mailman/listinfo/discuss


_______________________________________________
discuss mailing list
discuss AT lists.opennicproject.org
http://lists.darkdna.net/mailman/listinfo/discuss




Archive powered by MHonArc 2.6.19.

Top of Page