BIND Chroot - Forwarders ?
Hello Skunks. Quick query about running BIND in the chroot (jailed) environment. In earlier versions, we used to have forwarders i.e. Pulic DNS Servers configured in named.conf Now I have successfully set up the same in RHEL 7. Lookup works okay yet I cannot figure out how the setup is forwarding some requests. I have no Public DNS entries in neither the ethernet conf file nor resolv.conf Where is the forwarding happening ? BR.
Hi Mugo, Whether chroot or not, I believe Bind forwarding works the same whether you have public DNS or not. This should be configured under the options {} in your named.conf depending on your requirements. Something like this where x.x.x.x is not necessarily a public DNS in your case. options { forwarders { x.x.x.x; x.x.x.x; }; }; If you are considering forwading for only certain requests, you can setup zone forwarding in your named.conf zone "mugo.co.ke" { type forward; forwarders { x.x.x.x; x.x.x.x; }; }; Regards, David. On 9 September 2016 at 10:17, m mugo via skunkworks < skunkworks@lists.my.co.ke> wrote:
Hello Skunks.
Quick query about running BIND in the chroot (jailed) environment.
In earlier versions, we used to have forwarders i.e. Pulic DNS Servers configured in named.conf
Now I have successfully set up the same in RHEL 7. Lookup works okay yet I cannot figure out how the setup is forwarding some requests.
I have no Public DNS entries in neither the ethernet conf file nor resolv.conf
Where is the forwarding happening ?
BR.
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, David
How do you know the forwarders are working? Or might you be confusing questions being forwarded to authoritative servers to be forwarders in action? ./Ok3ch On Sep 9, 2016 09:19, "m mugo via skunkworks" <skunkworks@lists.my.co.ke> wrote:
Hello Skunks.
Quick query about running BIND in the chroot (jailed) environment.
In earlier versions, we used to have forwarders i.e. Pulic DNS Servers configured in named.conf
Now I have successfully set up the same in RHEL 7. Lookup works okay yet I cannot figure out how the setup is forwarding some requests.
I have no Public DNS entries in neither the ethernet conf file nor resolv.conf
Where is the forwarding happening ?
BR.
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Of course, you can *not* use any forwarders - especially not your ISP's servers - by just keeping your root zone file up to date ;) Cheers, Tony On 12/09/2016, Okechukwu via skunkworks <skunkworks@lists.my.co.ke> wrote:
How do you know the forwarders are working? Or might you be confusing questions being forwarded to authoritative servers to be forwarders in action?
./Ok3ch
On Sep 9, 2016 09:19, "m mugo via skunkworks" <skunkworks@lists.my.co.ke> wrote:
Hello Skunks.
Quick query about running BIND in the chroot (jailed) environment.
In earlier versions, we used to have forwarders i.e. Pulic DNS Servers configured in named.conf
Now I have successfully set up the same in RHEL 7. Lookup works okay yet I cannot figure out how the setup is forwarding some requests.
I have no Public DNS entries in neither the ethernet conf file nor resolv.conf
Where is the forwarding happening ?
BR.
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Tony White
Thanks for your replies. That this is hard to frame is the same reason this it is hard to research online. I know that there is some forwarder somewhere because external lookups; yahoo, google resolve fine. BIND-chroot on RHEL 5 had the specific forwarder section in named.conf, the current one does not. It's also not on the network (ethernet) config and resolv.conf points to the localhost (chroot DNS). I'm missing something very obvious but what is it ? Mugo2of3. On Mon, Sep 12, 2016 at 10:13 AM, Tony White via skunkworks < skunkworks@lists.my.co.ke> wrote:
Of course, you can *not* use any forwarders - especially not your ISP's servers - by just keeping your root zone file up to date ;)
Cheers, Tony
On 12/09/2016, Okechukwu via skunkworks <skunkworks@lists.my.co.ke> wrote:
How do you know the forwarders are working? Or might you be confusing questions being forwarded to authoritative servers to be forwarders in action?
./Ok3ch
On Sep 9, 2016 09:19, "m mugo via skunkworks" <skunkworks@lists.my.co.ke
wrote:
Hello Skunks.
Quick query about running BIND in the chroot (jailed) environment.
In earlier versions, we used to have forwarders i.e. Pulic DNS Servers configured in named.conf
Now I have successfully set up the same in RHEL 7. Lookup works okay yet I cannot figure out how the setup is forwarding some requests.
I have no Public DNS entries in neither the ethernet conf file nor resolv.conf
Where is the forwarding happening ?
BR.
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Tony White
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
just type nslookup and press enter. It will display the IP of the resolver being used. Then check on that IP if it has any forwarders. I hope you also know that you can run a resolver without forwarders. By default they know the root NS and so will still answer your queries. On 14 September 2016 at 12:46, m mugo via skunkworks < skunkworks@lists.my.co.ke> wrote:
Thanks for your replies.
That this is hard to frame is the same reason this it is hard to research online.
I know that there is some forwarder somewhere because external lookups; yahoo, google resolve fine.
BIND-chroot on RHEL 5 had the specific forwarder section in named.conf, the current one does not. It's also not on the network (ethernet) config and resolv.conf points to the localhost (chroot DNS). I'm missing something very obvious but what is it ?
Mugo2of3.
On Mon, Sep 12, 2016 at 10:13 AM, Tony White via skunkworks < skunkworks@lists.my.co.ke> wrote:
Of course, you can *not* use any forwarders - especially not your ISP's servers - by just keeping your root zone file up to date ;)
Cheers, Tony
On 12/09/2016, Okechukwu via skunkworks <skunkworks@lists.my.co.ke> wrote:
How do you know the forwarders are working? Or might you be confusing questions being forwarded to authoritative servers to be forwarders in action?
./Ok3ch
On Sep 9, 2016 09:19, "m mugo via skunkworks" < skunkworks@lists.my.co.ke> wrote:
Hello Skunks.
Quick query about running BIND in the chroot (jailed) environment.
In earlier versions, we used to have forwarders i.e. Pulic DNS Servers configured in named.conf
Now I have successfully set up the same in RHEL 7. Lookup works okay yet I cannot figure out how the setup is forwarding some requests.
I have no Public DNS entries in neither the ethernet conf file nor resolv.conf
Where is the forwarding happening ?
BR.
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Tony White
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
participants (5)
-
David Njuki -
m mugo -
Odhiambo Washington -
Okechukwu -
Tony White