Configuring forwarders properly.
=======================================================================
Message edited 2nd time
=======================================================================
It's done, I understood: it's all about recursive server vs. iterative server.
Finally, I want an iterative server and it's done.
=======================================================================
Message edited 1st time
=======================================================================
After more than two hours of reading, I think that I was wrong: I don't need the forwarders to resolve external addresses.
The problem was the recursion: if it's "off", Bind is not able to resolve addresses that are not declared, so I need to change the recursion mode to "on"; then Bind searches the declared addresses and, if the external address is not there, Bind will ask the root servers.
With recursion "off", Bind can't find the external address and the address is resolved using the next nameserver in resolv.conf.
Apart from that, I added this line to avoid a security problem; recursion is only permitted for localhost:
Code:
    allow-recursion { localhost; };
So, is this idea correct?
My final named.conf:
Code:
    options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        pid-file "/var/run/named/named.pid";
        statistics-file "/var/named/data/named_stats.txt";
        version "get lost";                // string returned for version.bind queries
        allow-transfer {"none";};          // no zone transfers
        allow-recursion { localhost; };    // recursive queries accepted from this host only
        recursion yes;
    };
    include "/etc/rndc.key";
    include "/etc/named.rfc1912.zones";
    zone "mydomain.com" {type master; file "/home/admin/conf/dns/mydomain.com.db";};
Thanks!!
=======================================================================
First message (wrong)
=======================================================================
Hello,
I'm trying to configure my DNS server correctly and I have a problem: the forwarding.
First of all, my knowledge of DNS is very basic.
Well, I'm using my own DNS server (ns1.mydomain.com) and, except for the forwarding, it works OK; the problem comes when I ask my server for an address that the server does not know. I think that this is the situation where the forwarders come into play; the problem is that I don't know how to configure the forwarders properly in /etc/named.conf (or in the correct place...).
This is my named.conf now:
Code:
    options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        pid-file "/var/run/named/named.pid";
        statistics-file "/var/named/data/named_stats.txt";
        version "get lost";
        allow-transfer {"none";};
        recursion yes;
        forwarders {8.8.8.8; 8.8.4.4;};    // upstream resolvers for names not answered locally
    };
    include "/etc/rndc.key";
    zone "mydomain.com" {type master; file "/home/admin/conf/dns/mydomain.com.db";};
Is it correct? Is recursion set to "yes" correct? Is this the proper configuration?
Edit note: If recursion = no, the server seems unable to resolve unknown addresses, so, if recursion = no, are the forwarders ignored?
I'm trying to force the system to use my DNS server with this configuration of /etc/resolv.conf:
Code:
    nameserver 127.0.0.1
With that, the system apparently resolves DNS OK, and the DNS checkers report no problems.
Thanks in advance!!
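An added example, not part of the original post: a small Python check that reads the options block of a named.conf and reports whether recursion is on, who is allowed to use it, and how names outside the server's own zones get resolved. The function names and the FIRST/FINAL strings are constructed here from the two configurations in the post, and the parser only handles flat lists such as `{ a; b; }`.

```python
import re

def options_body(conf: str) -> str:
    """Return the text inside the top-level options { ... } block ('' if absent)."""
    conf = re.sub(r"/\*.*?\*/|(?://|#)[^\n]*", "", conf, flags=re.S)  # drop comments
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(conf) and depth:            # walk to the matching closing brace
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        i += 1
    return conf[m.end():i - 1]

def _list(body: str, key: str):
    """Elements of a flat 'key { a; b; };' statement, or None when it is not set."""
    m = re.search(r"(?<![-\w])" + re.escape(key) + r"\s*\{([^}]*)\}", body)
    if not m:
        return None
    return [e.strip().strip('"') for e in m.group(1).split(";") if e.strip()]

def audit(conf: str) -> dict:
    """Summarise the recursion posture of a named.conf given as text."""
    body = options_body(conf)
    m = re.search(r"(?<![-\w])recursion\s+(yes|no)\s*;", body)
    recursion = m is None or m.group(1) == "yes"      # BIND's default is yes
    clients, fwd = _list(body, "allow-recursion"), _list(body, "forwarders")
    notes = []
    if recursion and clients is None:
        notes.append("no allow-recursion: who may recurse depends on the BIND default")
    if recursion and clients and "any" in clients:
        notes.append("allow-recursion includes any: open resolver")
    if not recursion and fwd:
        notes.append("forwarders set but recursion is off, so they are not used")
    if recursion:
        path = "via forwarders " + ", ".join(fwd) if fwd else "iteration from the root servers"
    else:
        path = "none (authoritative answers only)"
    return {"recursion": recursion, "clients": clients, "external": path, "notes": notes}

# Constructed inputs: the relevant options from the two named.conf files in the post.
FIRST = 'options { allow-transfer {"none";}; recursion yes; forwarders {8.8.8.8; 8.8.4.4;}; };'
FINAL = 'options { allow-transfer {"none";}; allow-recursion { localhost; }; recursion yes; };'

if __name__ == "__main__":
    for name, conf in (("first", FIRST), ("final", FINAL)):
        print(name, audit(conf))
```

On the first configuration it reports forwarding with no explicit client restriction; on the final one it reports recursion limited to localhost, with external names resolved by iteration from the root servers.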