Nameserver

Rodolfo J. Paiz rpaiz at simpaticus.com
Sun Mar 7 14:16:03 UTC 2004


At 13:06 3/7/2004, you wrote:
>A few questions remain though... If I am running a nameserver locally, does
>resolv.conf become irrelevant on the machine running named?  Since this
>machine is also my gateway to the Internet, do I still need to specify
>entries in /etc/resolv.conf for external names or can I point it to itself?

You can point it to itself if you wish; this is what I do.

>Still fuzzy on this one...  Also, how do things work if the host entry in
>the zone file has a dynamic IP (not likely, just curious how this works
>out...)?

More detail? Not sure of the question; perhaps an example?

>Some security questions immediately come to mind as I type :)  I am
>wondering how I can block external traffic using my machine as a resolver.
>I suppose I can control this through iptables, but I was wondering if named
>provided anything special for this.

You *should* block it via iptables. However, you should *also* read the man 
page for named.conf. Pay particular attention to the "listen-on" directive. 
I suggest you also read the "forward-first" and "forwarders" directives. 
Those ought to take care of most of your needs right now.

Post further questions if necessary. BTW, any feedback or suggestions for 
the "DNS First Steps"? Anything that could be added that would have 
immediately made your life or your understanding easier?


-- 
Rodolfo J. Paiz
rpaiz at simpaticus.com
http://www.simpaticus.com
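
An added example, not part of the original message: a named.conf fragment applying the directives named in the reply, so that only the gateway itself and LAN clients can use it as a resolver. The addresses, the ACL name "inside" and the interface name eth0 are assumptions.

```conf
// Constructed example: 192.168.1.0/24 is an assumed LAN, 192.168.1.1 the
// gateway's inside address, 192.0.2.53 a placeholder for the ISP resolver.
acl "inside" { 127.0.0.1; 192.168.1.0/24; };

options {
    directory "/var/named";

    // Bind port 53 only on loopback and the LAN-facing address, so named
    // never opens a socket on the Internet-facing interface.
    listen-on { 127.0.0.1; 192.168.1.1; };

    // Second layer inside named: answer and recurse only for inside
    // clients, even if a query does reach the daemon.
    allow-query     { "inside"; };
    allow-recursion { "inside"; };

    // Send cache misses to the upstream resolver first; fall back to
    // normal iterative resolution if it does not answer.
    // ("forward first;" is how named.conf spells this mode.)
    forwarders { 192.0.2.53; };
    forward first;
};

// With named listening on loopback, /etc/resolv.conf on the gateway can
// point at itself:
//   nameserver 127.0.0.1

// Matching packet filter, eth0 assumed to be the Internet-facing interface:
//   iptables -A INPUT -i eth0 -p udp --dport 53 -j DROP
//   iptables -A INPUT -i eth0 -p tcp --dport 53 -j DROP
```

After reloading named, a query sent to the external address from an outside host should time out, while queries from the LAN and from the gateway itself resolve.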




