help with bind in openbsd

[nuttervm]

I've tried setting up dns for my internal network and cannot seem to get it working right. I've followed several tutorials and read the manpages. the one that is closest to my needs is located here. the only difference between the example and my setup is that his network is 192.168.1.x whereas mine is 192.168.0.x everything else is the same. after setting these files up and restarting named i type something like machinename.nutter.dhs.org into a webbrowser and get nothing. this should resolve to one of the machines on my network, but doesn't

i'd like to configure bind so internal machines on the network can access a machine by its name. eventually i want to allow outside access to these boxes. what are the differences between these configurations?

are there any tools to help configure the dns? its kinda annoying that there are no little scripts to help generate the necessary files (or at least none that i can find)

i realize that i could accomplish similar things by using an /etc/hosts file, but i want to use dns so eventually i could just allow outside access to my internal machines. please don't make any assumptions when answering, bring up anything you might think of.

 

[Nothinman]

Try looking at the Linux DNS-HOWTO, I used it to setup my caching DNS server at home with no troubles, then when I finally setup my internal domain it and the Debian docs/exampels were great, and bind is bind no matter what OS it's running on.

 

[nuttervm]

yeah that was my next step... looking at all the linux howtos. sometimes files are kept in different directories though, but i guess we shall see.

the worst part about openbsd is the documentation absolutely sucks in comparason to all the other uinx distros.

one random question: why did bind jump versions from 4 to 8 ? i've always wondered but never asked. versions 5,6,7 weren't good enough for them?

 

[Buddha Bart]

why did bind jump versions from 4 to 8 ?

before my time, but i've read its because they changed a lot of how it works.
still didn't fix the semi-anual 'root my ass' feature.

bart

 

[nuttervm]

yeah i figured thats what it was, but i've never heard of something jumping 4 versions.

i've started messing around with webmin, which seems to make configuration of dns (and alot of other things) much easier. the only problem is it won't install on my openbsd machine. installs and runs just fine on my freebsd machine tho.

 

[Nothinman]

You may also want to consider the 'DNS and Bind' book by O'Reilly.

 

[Mucman]

<edit>Ack, didn't notice you were using openBSD. You can grab the sources from here. If you ignore all the apt-get and Debian
related stuff, the rest still applies for OpenBSD.</edit>

Forget BIND and try DJBDNS!!! It's very secure and very fast. We have caching nameservers at work that would crash when our mail server would do mailing lists (1000s of domain lookups). These were on 468 66MHz machines running BIND 9. I switched them to DJBDNS and they never crash now.

Since you have Debian it is a snap!

Add the following to the sources.list in the /etc/apt file

deb http://smarden.org/pape/Debian woody unofficial
deb-src http://smarden.org/pape/Debian woody unofficial

Then run "apt-get update" and then "apt-get install djbdns"

To start djbdns do the following

create two users : dnscache, and dnslog

then type the following : "dnscache-conf dnscache dnslog /etc/dnscache machinesip"

then "ln -s /etc/dnscache /service

edit /etc/resolv.conf and add the lines "nameserver 127.0.0.1" and "nameserver machinesip"

type "touch /etc/dnscache/root/ip/yournetwork" (in my case my network was 192.168.0).

Also make sure the /etc/dnscache/env/IP reads your machines IP.

That's all there is to it! Now you will be running a superior DNS program written by the great Dan Bernstein

 

[n0cmonkey]

<< the worst part about openbsd is the documentation absolutely sucks in comparason to all the other uinx distros. >>



That is utter crap! The OpenBSD FAQ is the best documentation out there for any OS! BIND documentation is different than OpenBSD documentation. Why reinvent the wheel when there are plenty of BIND docs out there?

The BIND Bible from Oreilly (DNS and BIND) is a great book. I followed it step by step to setup a BIND 4 or two.

What kind of errors are you getting? Try: "nslookup" and hit enter. Make sure it is using your BIND server. If not type: "server 192.168.0.2" (replace 192.168.0.2 with the ip of your DNS server) and hit enter. That will setup nslookup to query your DNS server instead of anything that maybe setup in /etc/resolv.conf. Then try looking up the domain name you assigned to your machine.

Stick with BIND 4 or switch to djbdns also. Posting some of your config files and stuff might be helpful. Modify them if need be.

 

[nuttervm]

does the o'reilly book specifically address bind 4? there are alot of howtos out there that talk about bind 8 and don't say what the difference to bind 4 is. also, does it have openbsd specific information? for example a simple thing such as placement of config files could ruin my whole day. (ie: bsd doesnt use the nsswitch.conf file as far as i can tell, but it does have a similarly functioning file with a different name) I'm still in school and just doing this for fun really, so i don't have the cash to go out and buy every o'reilly book i'd like to have. i'll post some of my config files later on.

 

[Mucman]

The DNS & BIND O'reilly book I got covers 4 and 8, but I still urge you to go with DJBDNS . I also think OpenBSD has excellent docs! Just go to openbsd.org and everything you need is there.

 

[n0cmonkey]

<< does the o'reilly book specifically address bind 4? there are alot of howtos out there that talk about bind 8 and don't say what the difference to bind 4 is. also, does it have openbsd specific information? for example a simple thing such as placement of config files could ruin my whole day. (ie: bsd doesnt use the nsswitch.conf file as far as i can tell, but it does have a similarly functioning file with a different name) I'm still in school and just doing this for fun really, so i don't have the cash to go out and buy every o'reilly book i'd like to have. i'll post some of my config files later on. >>



All of the information that is applicable to BIND 4 is in there. I do not think they have specific OpenBSD information, but with a quick locate you should be able to figure out where this stuff is. Plus, OpenBSD has BIND in a chrooted environment I believe so its in a specific place, just cant remember where right off.