Re: DNS

[Loren M. Lang]

On Tue, Jan 25, 2005 at 01:48:36AM +0300, Zaid Dashti wrote:
> hello
> i created a dns server, but it works only on my local network.
> how can i make it for global ?

Do you have a registered domain name?  If so, then tell whoever you
registered it with to point it to your name server.  

> 
> NOTE: i use freebsd 5.2.1
> 
> thanks
> ___
> Zaid Dashti
> 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS

[Jonathan Chen]

On Mon, Jan 24, 2005 at 07:43:10PM +0300, Zaid Dashti wrote:

[...]
> but i got a problem, when i use nslookup then i change the server to my DNS 
> machine IP local network (by using another computer in the local network), 
> it works fine, but when i use the IP of my internet account, i got time-out
> why? how to solve it ?

Firewall rules? We need more information, otherwise we're just
guessing.
-- 
Jonathan Chen <[EMAIL PROTECTED]>
--
"If everything's under control, you're going too slow"
  - Mario Andretti
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS

[Zaid Dashti]

my firewall rules is only 2 rules :
add 1 allow ip from any to any
add 2 allow tcp from any to any
i didn't  add rules yet, cuz i want to test the machine, after solving this 
problem i will set the rules

___
Zaid Dashti
- Original Message - 
From: "Jonathan Chen" <[EMAIL PROTECTED]>
To: "Zaid Dashti" <[EMAIL PROTECTED]>
Cc: 
Sent: Tuesday, January 25, 2005 9:06 PM
Subject: Re: DNS


On Mon, Jan 24, 2005 at 07:43:10PM +0300, Zaid Dashti wrote:
[...]
but i got a problem, when i use nslookup then i change the server to my 
DNS
machine IP local network (by using another computer in the local 
network),
it works fine, but when i use the IP of my internet account, i got 
time-out
why? how to solve it ?
Firewall rules? We need more information, otherwise we're just
guessing.
--
Jonathan Chen <[EMAIL PROTECTED]>
--
   "If everything's under control, you're going too slow"
 - Mario Andretti

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS

[cpghost]

On Tue, Jan 25, 2005 at 09:25:54PM +0300, Zaid Dashti wrote:
> my firewall rules is only 2 rules :
> add 1 allow ip from any to any
> add 2 allow tcp from any to any

What about udp? DNS sends and receives UDP datagrams,
so you need to punch yet another hole in your firewall.

> i didn't  add rules yet, cuz i want to test the machine, after solving this 
> problem i will set the rules

Cheers,
-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS

[Peter N. M. Hansteen]

"Zaid Dashti" <[EMAIL PROTECTED]> writes:

> i bought a domain, and i'm trying to host it using my machine in my home 
> (just for learning how to host and DNS)

First thing to check for: has the domain been properly delegated to you?

What kind of response do you get from say,

$ dig domaininquestion.tld ns

or 

dig domaininquestion.tld any


Is the machine you are setting up among the ns records listed by dig?

> but i got a problem, when i use nslookup then i change the server to my DNS 
> machine IP local network (by using another computer in the local network), 
> it works fine, but when i use the IP of my internet account, i got time-out
> why? how to solve it ?

If your machine is supposed to be the master, you should check that it
is set up to answer authoratively for your domain to at least the
authorative slaves and preferably to the world. Check that any
firewalling of port 53 udp *and* tcp is turned off while you're at it. 

These are at least some of the more common errors.

Good luck with the debugging!

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS

[Thomas Foster]

Does it have a publically accessible interface that can be accessed via an 
internet connection, or is it behind a Firewall/NAT/Router?  Is UDP port 53 
accessible if it is behind a Router?  Are you hosting a publically 
resolvable domain name?

T
- Original Message - 
From: "ZaiD Dashti" <[EMAIL PROTECTED]>
To: 
Sent: Saturday, January 29, 2005 9:14 AM
Subject: DNS


hello
i have finished of installing my freebsd, and i ran a DNS server (named)
my DNS server listens only to my local network and it does not listens to
real world (i mean for resolving).
how can i make it to listen to the real world?
thanks
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS

[Chris]

ZaiD Dashti wrote:
hello
i have finished of installing my freebsd, and i ran a DNS server (named)
my DNS server listens only to my local network and it does not listens to
real world (i mean for resolving).
how can i make it to listen to the real world?
thanks
1. Purchase the O'Reilly book on Bind
http://www.oreilly.com/catalog/dns4/
ISBN: 0-596-00158-4
2. Read said book
3. Read book again
4. Go here: 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-dns.html

--
Best regards,
Chris
Real programmers don't advertise their hangovers.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS

[ZaiD Dashti]

yes i have a ADSL router, and i redirect all ports to freebsd machine
when i connect to apache server (from outside my network and also locally) 
it work, but i don't know why DNS gaves me timeout.
there is no nating or firewall, only router, yes the udp is accessable

i'm trying to run DNS server, cuz i want to host my domain (just for 
learning how to host)


From: "Thomas Foster" <[EMAIL PROTECTED]>
To: "ZaiD Dashti" <[EMAIL PROTECTED]>,
Subject: Re: DNS
Date: Sat, 29 Jan 2005 09:20:37 -0800
Does it have a publically accessible interface that can be accessed via an 
internet connection, or is it behind a Firewall/NAT/Router?  Is UDP port 53 
accessible if it is behind a Router?  Are you hosting a publically 
resolvable domain name?

T
- Original Message - From: "ZaiD Dashti" <[EMAIL PROTECTED]>
To: 
Sent: Saturday, January 29, 2005 9:14 AM
Subject: DNS

hello
i have finished of installing my freebsd, and i ran a DNS server (named)
my DNS server listens only to my local network and it does not listens to
real world (i mean for resolving).
how can i make it to listen to the real world?
thanks
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS

[Chris]

From: "Thomas Foster" <[EMAIL PROTECTED]>
To: "ZaiD Dashti" 
<[EMAIL PROTECTED]>,
Subject: Re: DNS
Date: Sat, 29 Jan 2005 09:20:37 -0800

Does it have a publically accessible interface that can be accessed 
via an internet connection, or is it behind a Firewall/NAT/Router?  Is 
UDP port 53 accessible if it is behind a Router?  Are you hosting a 
publically resolvable domain name?

T
- Original Message - From: "ZaiD Dashti" <[EMAIL PROTECTED]>
To: 
Sent: Saturday, January 29, 2005 9:14 AM
Subject: DNS

hello
i have finished of installing my freebsd, and i ran a DNS server (named)
my DNS server listens only to my local network and it does not 
listens to
real world (i mean for resolving).
how can i make it to listen to the real world?

thanks

Properly formated:
ZaiD Dashti wrote:
> yes i have a ADSL router, and i redirect all ports to freebsd machine
> when i connect to apache server (from outside my network and also
> locally) it work, but i don't know why DNS gaves me timeout.
> there is no nating or firewall, only router, yes the udp is accessable
>
> i'm trying to run DNS server, cuz i want to host my domain (just for
> learning how to host)
>
>
>
Contact your ISP - if you wish to host your domain, you need to be 
authoritive. Most DSL providers (that I have dealt with) will not do that.

--
Best regards,
Chris
If everything is coming your way, you're in the
wrong lane.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS

[Waitman Gobble]

On Sun, Jan 1, 2012 at 12:20 PM, Daniel Lewis
wrote:

>
> Im new to freebsd 8.2 and the unix world. How do i setup dns to support my
> domain
>


Hi Daniel,

You probably want to use ISC bind in /usr/ports/dns

I recommend you read the O'Reilly book DNS and BIND.


Basic process -


Install and configure bind. If possible set up on two or more machines/ip.
IMHO it's less hassle to set up duplicate masters and rsync changes from
your 'main' install instead of setting up master/slave configurations.

create zone file for your domain, ie

$TTL 86400
example.com.IN  SOA ns1.example.com. n...@example.com. (
2012010210
28800
7200
1209600
86400 )
example.com.NS  ns1.example.com.
example.com.NS  ns2.example.com.
example.com.MX  0 mail.example.com.
example.com.A   192.168.0.133
www.example.com.A   192.168.0.133
*   IN  CNAME   www.example.com.

cname is good for people who enjoy making typos like  and ww


add your domain zone file to named.conf, ie

zone "example.com" IN {
type master;
file "example.com.hosts";
};


reload nameserver

rndc reload

export your nameservers to root ns, this process varies for registrar -
look for "use my own nameserver" or "create nameservers based on domain" in
your registrar help docs. Maybe you can contact internic/nsi directly
instead (?). Back in the old days users just spread around copies of the
hosts file.

Have fun.

Waitman Gobble
San Jose California USA
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Walter Alejandro Iglesias]

On Sun, Jan 01, 2012 at 12:51:42PM -0800, Waitman Gobble wrote:
> On Sun, Jan 1, 2012 at 12:20 PM, Daniel Lewis
> wrote:
> 
> >
> > Im new to freebsd 8.2 and the unix world. How do i setup dns to support my
> > domain
> >
> 
> 
> Hi Daniel,
> 
> You probably want to use ISC bind in /usr/ports/dns
> 
> I recommend you read the O'Reilly book DNS and BIND.
> 
> 
> Basic process -
> 
> 
> Install and configure bind. If possible set up on two or more machines/ip.
> IMHO it's less hassle to set up duplicate masters and rsync changes from
> your 'main' install instead of setting up master/slave configurations.
> 
> create zone file for your domain, ie
> 
> $TTL 86400
> example.com.IN  SOA ns1.example.com. n...@example.com. (
> 2012010210
> 28800
> 7200
> 1209600
> 86400 )
> example.com.NS  ns1.example.com.
> example.com.NS  ns2.example.com.
> example.com.MX  0 mail.example.com.
> example.com.A   192.168.0.133
> www.example.com.A   192.168.0.133
> *   IN  CNAME   www.example.com.
> 
> cname is good for people who enjoy making typos like  and ww
> 
> 
> add your domain zone file to named.conf, ie
> 
> zone "example.com" IN {
> type master;
> file "example.com.hosts";
> };
> 
> 
> reload nameserver
> 
> rndc reload
> 
> export your nameservers to root ns, this process varies for registrar -
> look for "use my own nameserver" or "create nameservers based on domain" in
> your registrar help docs. Maybe you can contact internic/nsi directly
> instead (?). Back in the old days users just spread around copies of the
> hosts file.
> 
> Have fun.
> 
> Waitman Gobble
> San Jose California USA


Hello Waitman,

Time ago I made the attempt to setup my own DNS in the same
machine I had my web server running.  DNS was the only thing I
was not able to automatically update in the system with my
scripts each time a new customer purchased a service.  It would
be wonderful for me if you or anyone here at least confirm me if
it is really possible. 

I read bind9 manuals and learned how to write my zones in the
way you show above.  But I couldn't get it working.  Finally I
assumed that DNS should be run in a different machine.  Since
then I use freedns.afraid.org.  At this time I had to get the
job done so I left this subject pending.  If it is really
possible I ignore what I could missed, I tried hardly.  I even
asked in a bind mailing list and some guys implied, without
giving me details, that it will not propagate.

Perhaps, at that time, I failed in doing something related to
what you explain in your 3rd paragraph.




And now, for all the list: honestly I am glad to have found this
place.  It is not common to find in mailing list and forums
(included freebsd forum) this level of help, discussion and
affable treat, (no, I am not telling this because the "happy new
year", I am being objective :-)).
Anyway, happy new year to all!


Walter



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Robert Huff]

Waitman Gobble writes:

>  > Im new to freebsd 8.2 and the unix world. How do i setup dns to 
>  > support my domain
>
>  You probably want to use ISC bind in /usr/ports/dns

BIND is part of the base system.

>  I recommend you read the O'Reilly book DNS and BIND.

Agreed.


Robert Huff

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Robert Huff]

Walter Alejandro Iglesias writes:

>  Time ago I made the attempt to setup my own DNS in the same
>  machine I had my web server running.  DNS was the only thing I
>  was not able to automatically update in the system with my
>  scripts each time a new customer purchased a service.  It would
>  be wonderful for me if you or anyone here at least confirm me if
>  it is really possible. 

What is possible - updating using scripts, or running BIND on
the same machine as a web server (presumably Apache)?
While I'm sure someone has written them, I don't know of any
scripts that will "update" (whatever that means) BIND configuration
files that are included either as part of the base system or as
ports.
However, running BIND and Apache is certainly possible - the
machine I'm typing this on does exactly that.


Robert Huff

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Waitman Gobble]

On Sun, Jan 1, 2012 at 2:54 PM, Robert Huff  wrote:

>
> Walter Alejandro Iglesias writes:
>
> >  Time ago I made the attempt to setup my own DNS in the same
> >  machine I had my web server running.  DNS was the only thing I
> >  was not able to automatically update in the system with my
> >  scripts each time a new customer purchased a service.  It would
> >  be wonderful for me if you or anyone here at least confirm me if
> >  it is really possible.
>
> What is possible - updating using scripts, or running BIND on
> the same machine as a web server (presumably Apache)?
>While I'm sure someone has written them, I don't know of any
> scripts that will "update" (whatever that means) BIND configuration
> files that are included either as part of the base system or as
> ports.
>However, running BIND and Apache is certainly possible - the
> machine I'm typing this on does exactly that.
>
>
>Robert Huff
>
>
I agree with Robert, it's generally no problem, at least technically, to
run BIND on the same machine. (Unless in certain situations I can think of
at the moment) you are running your httpd server on a non-public network
behind a firewall, doing certain things with NAT on the router, or running
httpd on a "private machine" that only "gets traffic" from a public-facing
cache/proxy like squid. These situations don't rule out use but could cause
'looping' or otherwise cause problems depending on how your network and
name system is setup.

It is better to have more than one machine running name services, if
possible. Also a good idea to prohibit zone transfers and recursive
lookups, or at least limit very carefully.

You should be able to set up a zone update thing for your customers, just
keep TTL somewhat short, and update your serial # in the zone so that
external caches will pull the updates (using date and/or time is probably
best.) And you probably don't want the daemon/nobody httpd user fooling
around with the zone files or named process directly so it's best to set a
signal in your script like 'touch /tmp/updatebind' or something and have a
cron job check for the 'signal'.

Waitman
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Walter Alejandro Iglesias]

On Sun, Jan 01, 2012 at 05:54:59PM -0500, Robert Huff wrote:
> 
> Walter Alejandro Iglesias writes:
> 
> >  Time ago I made the attempt to setup my own DNS in the same
> >  machine I had my web server running.  DNS was the only thing I
> >  was not able to automatically update in the system with my
> >  scripts each time a new customer purchased a service.  It would
> >  be wonderful for me if you or anyone here at least confirm me if
> >  it is really possible. 
> 
>   What is possible - updating using scripts, or running BIND on
> the same machine as a web server (presumably Apache)?
>   While I'm sure someone has written them, I don't know of any
> scripts that will "update" (whatever that means) BIND configuration
> files that are included either as part of the base system or as
> ports.
>   However, running BIND and Apache is certainly possible - the
> machine I'm typing this on does exactly that.
> 
> 
>   Robert Huff
> 


I wrote a bunch of sh scripts to update sendmail, apache, add
system users, etc.  Those scripts were executed by cron.  I
wrote a simple php client panel too.  So, the sh scripts read
the data from mysql (I wrote those scripts originally in
Slackware and more late I left unfinished its migration to
freebsd) and updated the system.

For updating BIND I meant that the scripts (using sed) add
zones in the zone files and restart bind, in the same way they
add new virtual server entries in httpd.conf and restart apache.

Sure, like you say, it is possible "running" BIND and Apache.
But, is it possible|convenient that the name server "reside" in
the same machine that host (with apache) the domain names served
by it?  Perhaps you find stupid my question, but believe me, I
am lost :-).

Or to simplify the question, what is needed to run a DNS?
What I know:

Edit the zone files.
Run bind.
Register the names ns1.mysite.com, ns2..., (some trick here?)
Obviously adding them to the registrar of the domains served.


Walter



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Walter Alejandro Iglesias]

On Sun, Jan 01, 2012 at 03:24:59PM -0800, Waitman Gobble wrote:
> On Sun, Jan 1, 2012 at 2:54 PM, Robert Huff  wrote:
> 
> >
> > Walter Alejandro Iglesias writes:
> >
> > >  Time ago I made the attempt to setup my own DNS in the same
> > >  machine I had my web server running.  DNS was the only thing I
> > >  was not able to automatically update in the system with my
> > >  scripts each time a new customer purchased a service.  It would
> > >  be wonderful for me if you or anyone here at least confirm me if
> > >  it is really possible.
> >
> > What is possible - updating using scripts, or running BIND on
> > the same machine as a web server (presumably Apache)?
> >While I'm sure someone has written them, I don't know of any
> > scripts that will "update" (whatever that means) BIND configuration
> > files that are included either as part of the base system or as
> > ports.
> >However, running BIND and Apache is certainly possible - the
> > machine I'm typing this on does exactly that.
> >
> >
> >Robert Huff
> >
> >
> I agree with Robert, it's generally no problem, at least technically, to
> run BIND on the same machine. (Unless in certain situations I can think of
> at the moment) you are running your httpd server on a non-public network
> behind a firewall, doing certain things with NAT on the router, or running
> httpd on a "private machine" that only "gets traffic" from a public-facing
> cache/proxy like squid. These situations don't rule out use but could cause
> 'looping' or otherwise cause problems depending on how your network and
> name system is setup.
> 
> It is better to have more than one machine running name services, if
> possible. Also a good idea to prohibit zone transfers and recursive
> lookups, or at least limit very carefully.
> 
> You should be able to set up a zone update thing for your customers, just
> keep TTL somewhat short, and update your serial # in the zone so that
> external caches will pull the updates (using date and/or time is probably
> best.) And you probably don't want the daemon/nobody httpd user fooling
> around with the zone files or named process directly so it's best to set a
> signal in your script like 'touch /tmp/updatebind' or something and have a
> cron job check for the 'signal'.
> 
> Waitman


Thanks Waitman,

The true is I am a bit lost, perhaps (here is late, 00:54) I am
a bit hungry and tired :-).  I will dinner, sleep and tomorrow
morning with a fresh mind I will reread carefully this last
message.  I'll buy the book you advised too.


Walter



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Waitman Gobble]

>
>
> Sure, like you say, it is possible "running" BIND and Apache.
> But, is it possible|convenient that the name server "reside" in
> the same machine that host (with apache) the domain names served
> by it?  Perhaps you find stupid my question, but believe me, I
> am lost :-).
>
> Or to simplify the question, what is needed to run a DNS?
> What I know:
>
> Edit the zone files.
> Run bind.
> Register the names ns1.mysite.com, ns2..., (some trick here?)
> Obviously adding them to the registrar of the domains served.
>
>
>Walter
>
>
>
>
Yes, you can run BIND on the same FreeBSD machine as your web server.
You have to have your nameserver listed with internic (for .com and .net -
ie, your nameserver has to show up in the NAMESERVER whois (note: different
than DOMAIN whois) on http://www.internic.net/whois.html) and also for each
TLD you want to provide service for (ie, .org, .mobi, etc etc) .
If you are using opensrs it's pretty simple to list your nameserver with
local and foreign tlds, but with other Registrars - you'd have to check
into the details. It's generally easier to use a local domain for the
nameservers (ie, ns1.example.mobi for .mobi domains.) but it is also
possible to use foreign nameservers (ie, ns1.example.com to resolve
www.example.mobi - is considered "foreign")

Waitman
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Robert Huff]

Walter Alejandro Iglesias writes:

>  Perhaps you find stupid my question, but believe me, I am
>  lost :-).

Where you are now, so once were most of us.  :-)

>  Sure, like you say, it is possible "running" BIND and Apache.
>  But, is it possible|convenient that the name server "reside" in
>  the same machine that host (with apache) the domain names served
>  by it?  

Possible: I'm doing it.
Convenient?  Depends on what you consider "convenient"
The machine in question only serves a few zones, and only
changes its IP occesionally.
When it does, I have a script which will change the config file
for sshd, and another which changes most (but not all) settings for
bind.  Elapsed time (assuming I remember all the bits): 5 minutes,
plus a re-boot and checking the numbers.


Robert Huff

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

RE: DNS

[Kevin Zheng]

Hello,

I've been using FreeBSD as a local nameserver (with my own .local
domains!) for quite some time. FreeBSD comes with a name server already
installed; you don't need to get it from the ports, although I'm not
sure what difference it makes. The one that comes with FreeBSD can be
enabled with named_enable="YES" in /etc/rc.conf. The configuration files
are in /etc/namedb/.

Getting a book about BIND really helps learning it. The examples are
especially useful. BIND can be a little daunting to learn, but it all
clicks in the end.

If you want to use BIND for mass hosting, you can consider hooking BIND
up to MySQL or a similar database. I haven't personally tried it, so I
cannot vouch for it to work. It may be what you're looking for, though.
You can have a look at this link: http://mysql-bind.sourceforge.net/.

Hopefully, this helps.

Sincerely,
Kevin Zheng
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

RE: DNS

[Robert Huff]

Kevin Zheng writes:

>  FreeBSD comes with a name server already installed; you don't
>  need to get it from the ports, although I'm not sure what
>  difference it makes.

The version in ports is a later issue in te BIND 9.* series.
If the difference is important to you, you probably aren't
contributing to this conversarion.  :-)
(While the version in base being slightly earlier is in keeping
with the general FreeBSD philosophy, I believe it gets all the
security updates.)


Robert Huff


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Walter Alejandro Iglesias]

On Sun, Jan 01, 2012 at 04:26:38PM -0800, Waitman Gobble wrote:
> You have to have your nameserver listed with internic (for .com and .net -
> ie, your nameserver has to show up in the NAMESERVER whois (note: different
> than DOMAIN whois) on http://www.internic.net/whois.html) and also for each

This is exactly the point I missed.  At that opportunity I
searched in all places except in the right one.

> 
> Waitman

I am very grateful.


Walter




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Walter Alejandro Iglesias]

On Sun, Jan 01, 2012 at 04:26:38PM -0800, Waitman Gobble wrote:
> Yes, you can run BIND on the same FreeBSD machine as your web server.
> You have to have your nameserver listed with internic (for .com and .net -
> ie, your nameserver has to show up in the NAMESERVER whois (note: different
> than DOMAIN whois) on http://www.internic.net/whois.html) and also for each
> TLD you want to provide service for (ie, .org, .mobi, etc etc) .
> If you are using opensrs it's pretty simple to list your nameserver with
> local and foreign tlds, but with other Registrars - you'd have to check
> into the details. It's generally easier to use a local domain for the
> nameservers (ie, ns1.example.mobi for .mobi domains.) but it is also
> possible to use foreign nameservers (ie, ns1.example.com to resolve
> www.example.mobi - is considered "foreign")
> 
> Waitman

Bothering you again Waitman,

Now after refreshing my memory (it happened one year ago) I
could remember that I did register the nameservers.  I found the
option in my registar to add to some domain i.e. mydomain.com
the entries ns1.mydomain.com, etc.  I think that the problem I
had was related with the IPs.  The VPS provider gave me just
two, and AFAIK each name server needs its own dedicated IP.  Now
I can remember that I asked to their support team and they
answered me that the nameservers could perfectly share the IP
with the domains.  Could be that the reason I don't get the
thing working?

Walter



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Waitman Gobble]

Now after refreshing my memory (it happened one year ago) I

> could remember that I did register the nameservers.  I found the
> option in my registar to add to some domain i.e. mydomain.com
> the entries ns1.mydomain.com, etc.  I think that the problem I
> had was related with the IPs.  The VPS provider gave me just
> two, and AFAIK each name server needs its own dedicated IP.  Now
> I can remember that I asked to their support team and they
> answered me that the nameservers could perfectly share the IP
> with the domains.  Could be that the reason I don't get the
> thing working?
>
>Walter
>
>
Hello,

You /can/ have a nameserver with same IP as www. And you /can/ multihome
your NIC with multiple IP on same machine,

ie,
www.example.com 192.168.0.131 and 192.168.0.132 (if you want, optional
extra address for www)
ns1.example.com 192.168.0.131
ns2.example.com 192.168.0.132

Waitman
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS

[Walter Alejandro Iglesias]

On Mon, Jan 02, 2012 at 11:06:39AM -0800, Waitman Gobble wrote:
> Hello,
> 
> You /can/ have a nameserver with same IP as www. And you /can/ multihome
> your NIC with multiple IP on same machine,
> 
> ie,
> www.example.com 192.168.0.131 and 192.168.0.132 (if you want, optional
> extra address for www)
> ns1.example.com 192.168.0.131
> ns2.example.com 192.168.0.132
> 
> Waitman

I thought I've isolated the problem.  God is playing with me
like in The Truman Show :-).  Well, the next time I get a
dedicated server I will try again.

Many thanks Waitman

Walter



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: dns

[Roman Neuhauser]

# [EMAIL PROTECTED] / 2002-12-29 22:19:08 -0700:
> Hello all.  I have a freebsd box I'm using as a router for my subnet.  I have 
> this freebsd router doing nat and dhcp assinging internal ip addresses for 
> the computers on the network (i.e. 192.168.x.x).  This box is also a web 
> server for a registered domain name.  My probelm is that when someone wants 
> to connect to my web site the dns gives them the internal ip of the FreeBSD 
> box and not the external ip of the router.  Can someone tell me how I get the 
> FreeBSD's dns to point to the external ip address for my doimain?  Thanks 
> much.

you are talking about the so-called "split horizon", where the
information returned by the content server differs based on the IP
of the resolver. configuration is of course software dependent.

djbdns:

http://homepages.tesco.net/~J.deBoynePollard/FGA/dns-split-horizon.html

bind has a facility called "views" which should be able to provide
similar results.

-- 
If you cc me or remove the list(s) completely I'll most likely ignore
your message.see http://www.eyrie.org./~eagle/faqs/questions.html

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Re: DNS virgin

[Mark A. Garcia]

kilim wrote:
  Now that I've registered a certain domain through godaddy.com I
  wish to set up my own DNS server. In the Godaddy's web interface
  there is a way to set two new DNS server. Can I just put one of the
  server to be my DNS primary leaving out the secondary ? Or can I
  leave their server to be my secondary ?
  I'm asking this because I'm on DSL with a static IP, but don't want
  to have two server just for DNS.
  
  By going the this way, with only one DNS server, this wouldn't be
  proper and safe right ?
 

If you want your own primary and leave godaddy as a sec, you'll need to 
have zone transfers axfr between your pri and godaddy (sec).  Both pri 
and secondary need to have sync'd dns records.

I do not know if godaddy even offers secondary zone transfers service or 
not.

I know everydns.net does (free).  I'm sure other free dns services do too.
Also, this is under chapter 4 in the dns/bind book.
Having one primary dns server is a risk, but perfectly doable.  IMHO, if 
this is for your own small personal space to host just a single dns it 
would be perfectly fine.  I know many folks who just run one dns server 
personally.  Now for more mission critical stuff, it's best to have 2 
dns servers or more.  Not only for handling the potential swath of 
requests, but to at least have one server available all the time to 
serve requests.

Keep in mind DNS is getting more and more critical for the simple user 
nowadays, considering all the anti-spam blocking features that actual 
verify the email senders domain for MX records.  It's up to you...

Cheers,
-.mag
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS virgin

[Kevin Kinsey]

kilim wrote:
Hello,
being a DNS virgin I deceided to post this after reading through Dns &
Bind book and various on/off-line documentation.
I have loads of questions even though I've read through this
stuff. And I'm hoping that you can help me clarify them. Thanks in
advance !
  Now that I've registered a certain domain through godaddy.com I
  wish to set up my own DNS server. In the Godaddy's web interface
  there is a way to set two new DNS server. Can I just put one of the
  server to be my DNS primary leaving out the secondary ? Or can I
  leave their server to be my secondary ?
 

I don't know if GoDaddy would provide this service for you or not.
They might, and if so, probably you have to request it and pay a
fee.
  I'm asking this because I'm on DSL with a static IP, but don't want
  to have two server just for DNS.
  
  By going the this way, with only one DNS server, this wouldn't be
  proper and safe right ?
 

Well, first, make sure that running servers is within the ISP's
TOS agreement.
You really *should* have 2 DNS servers ... if you have only one
and it goes down for too long a time period. your domains
will disappear from the worldwide system until you get it
back up.  I suppose it's conceivable that a lot of traffic against
that DSL modem might even cause some requests to fail.
And, if possible, they should be on different networks.  My
company found this out the hard way once, when the upstream
provider had difficulties and both our existing DNS boxes,
though they were running fine, disappeared.  Fortunately
we were able to resolve the issue before too much mail
started flying around in la la land.
That said, you could put a site "on the air" without a secondary,
but I wouldn't charge people to use it.  ;-)
Try googling for "free secondary name servers" or somesuch.
I'm pretty sure that there is/are an organization(s) that does
secondary DNS for free, or at least there *used* to be.
Good luck!
Kevin Kinsey
DaleCo, S.P.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS virgin

[kilim]

On Thu, Feb 10, 2005 at 04:41:52PM -0600, Kevin Kinsey wrote:
> kilim wrote:
> 

> >  Now that I've registered a certain domain through godaddy.com I
> >  wish to set up my own DNS server. In the Godaddy's web interface
> >  there is a way to set two new DNS server. Can I just put one of the
> >  server to be my DNS primary leaving out the secondary ? Or can I
> >  leave their server to be my secondary ?
> >
> > 



> That said, you could put a site "on the air" without a secondary,
> but I wouldn't charge people to use it.  ;-)

Would it be possible to have only one DNS server to start with and then
get a second one later, on a different subnet ?

Or would this be possible: put this first dns server up and second aswell, 
but then later take the second one off and move it to a different network ?



Thank you 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS virgin

[Vince Hoffman]

On Fri, 11 Feb 2005, kilim wrote:
On Thu, Feb 10, 2005 at 04:41:52PM -0600, Kevin Kinsey wrote:
kilim wrote:

 Now that I've registered a certain domain through godaddy.com I
 wish to set up my own DNS server. In the Godaddy's web interface
 there is a way to set two new DNS server. Can I just put one of the
 server to be my DNS primary leaving out the secondary ? Or can I
 leave their server to be my secondary ?


That said, you could put a site "on the air" without a secondary,
but I wouldn't charge people to use it.  ;-)
Would it be possible to have only one DNS server to start with and then
get a second one later, on a different subnet ?
Or would this be possible: put this first dns server up and second aswell,
but then later take the second one off and move it to a different network ?
Both are possible. you just need to keep the configs in sync (the master 
knowing where the secondary is and vice versa) and update the listed 
nameservers at Godaddy.

 >

Thank you
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS virgin

[kilim]

On Fri, Feb 11, 2005 at 02:00:11PM +, Vince Hoffman wrote:
> 
> On Fri, 11 Feb 2005, kilim wrote:
> 
> >On Thu, Feb 10, 2005 at 04:41:52PM -0600, Kevin Kinsey wrote:
> >>kilim wrote:
> >>
> >
> >>> Now that I've registered a certain domain through godaddy.com I
> >>> wish to set up my own DNS server. In the Godaddy's web interface
> >>> there is a way to set two new DNS server. Can I just put one of the
> >>> server to be my DNS primary leaving out the secondary ? Or can I
> >>> leave their server to be my secondary ?
> >>>
> >>>
> >
> >
> >
> >>That said, you could put a site "on the air" without a secondary,
> >>but I wouldn't charge people to use it.  ;-)
> >
> >Would it be possible to have only one DNS server to start with and then
> >get a second one later, on a different subnet ?
> >
> >Or would this be possible: put this first dns server up and second aswell,
> >but then later take the second one off and move it to a different network ?
> 
> Both are possible. you just need to keep the configs in sync (the master 
> knowing where the secondary is and vice versa) and update the listed 
> nameservers at Godaddy.

Thanks a lot ! :) You've helped me. 

 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS refresh

[Chuck Swiger]

Jean-Paul Natola wrote:
> Sorry for the novice question, 
> 
> How does one go about refreshing a dns record on BSD box (without rebooting),
> it is NOT a DNS server.

Most BSD networks do not have dynamic DNS updating enabled on their nameservers,
but that is the capability you seem to be asking about.  If your network does
have this enabled, it's possible that using dhclient to release and renew a DHCP
lease on the BSD machine would be the right approach.

Otherwise, change the zone file on the primary DNS server directly by hand.

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: DNS refresh

[Jean-Paul Natola]

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chuck Swiger
Sent: Monday, December 12, 2005 3:06 PM
To: Jean-Paul Natola
Cc: freebsd-questions@freebsd.org
Subject: Re: DNS refresh

Jean-Paul Natola wrote:
> Sorry for the novice question, 
> 
> How does one go about refreshing a dns record on BSD box (without
rebooting),
> it is NOT a DNS server.

Most BSD networks do not have dynamic DNS updating enabled on their
nameservers,
but that is the capability you seem to be asking about.  If your network does
have this enabled, it's possible that using dhclient to release and renew a
DHCP
lease on the BSD machine would be the right approach.

Otherwise, change the zone file on the primary DNS server directly by hand.

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Heres the situation 

I'm in windows environment mainly, I recently setup a BSD box (static IP, and
DNS pointing to the windows DNS server)

With Exim, SA  and CLAM_AV

All has been running relatively well (3 months give or take)

Till today I started getting this:

milter# freshclam
ClamAV update process started at Mon Dec 12 15:05:34 2005
WARNING: DNS record is older than 3 hours.
WARNING: Invalid DNS reply. Falling back to HTTP mode.

Google gave me 

http://www.google.com/search?hl=en&q=DNS+record+is+older+than+3+hours&btnG=Go
ogle+Search

One tell me that's its ok
There is no reason to be concerned - most likely you have a caching DNS
server at the gateway and this is causing it. DNS query is designed to
minimise load on the datbase server when determining if the database version
is uptodate. But if this method fails it would just query the database server

The other , leaves me wondering
I get this error when running freshclam: Invalid DNS reply. Falling back to
HTTP mode or ERROR: Can't query current.cvd.clamav.net . What does it mean? 

There is a problem with your DNS server. Please check the entries in
/etc/resolv.conf and verify that you can resolve the TXT record manually:
$ host -t txt current.cvd.clamav.net
If you can't, it means your network is broken. You'll be still able to
download the updates, but you'll waste a lot of bandwidth checking for
updates.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS refresh

[Chuck Swiger]

Jean-Paul Natola wrote:
> I'm in windows environment mainly, I recently setup a BSD box (static IP, and
> DNS pointing to the windows DNS server)
> 
> With Exim, SA  and CLAM_AV
> 
> All has been running relatively well (3 months give or take)
> 
> Till today I started getting this:
> 
> milter# freshclam
> ClamAV update process started at Mon Dec 12 15:05:34 2005
> WARNING: DNS record is older than 3 hours.
> WARNING: Invalid DNS reply. Falling back to HTTP mode.

Presumably your Windows-based nameserver is having problems, and should be
patched and/or rebooted.  :-)  Alternatively, you could point your BSD machine
to another nameserver which is working properly by editting /etc/resolv.conf.

-- 
-Chuck


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: DNS refresh

[Derek Ragona]

At 02:32 PM 12/12/2005, Jean-Paul Natola wrote:



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chuck Swiger
Sent: Monday, December 12, 2005 3:06 PM
To: Jean-Paul Natola
Cc: freebsd-questions@freebsd.org
Subject: Re: DNS refresh

Jean-Paul Natola wrote:
> Sorry for the novice question,
>
> How does one go about refreshing a dns record on BSD box (without
rebooting),
> it is NOT a DNS server.

Most BSD networks do not have dynamic DNS updating enabled on their
nameservers,
but that is the capability you seem to be asking about.  If your network does
have this enabled, it's possible that using dhclient to release and renew a
DHCP
lease on the BSD machine would be the right approach.

Otherwise, change the zone file on the primary DNS server directly by hand.

--
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Heres the situation

I'm in windows environment mainly, I recently setup a BSD box (static IP, and
DNS pointing to the windows DNS server)

With Exim, SA  and CLAM_AV

All has been running relatively well (3 months give or take)

Till today I started getting this:

milter# freshclam
ClamAV update process started at Mon Dec 12 15:05:34 2005
WARNING: DNS record is older than 3 hours.
WARNING: Invalid DNS reply. Falling back to HTTP mode.

Google gave me

http://www.google.com/search?hl=en&q=DNS+record+is+older+than+3+hours&btnG=Go
ogle+Search

One tell me that's its ok
There is no reason to be concerned - most likely you have a caching DNS
server at the gateway and this is causing it. DNS query is designed to
minimise load on the datbase server when determining if the database version
is uptodate. But if this method fails it would just query the database server

The other , leaves me wondering
I get this error when running freshclam: Invalid DNS reply. Falling back to
HTTP mode or ERROR: Can't query current.cvd.clamav.net . What does it mean?

There is a problem with your DNS server. Please check the entries in
/etc/resolv.conf and verify that you can resolve the TXT record manually:
$ host -t txt current.cvd.clamav.net
If you can't, it means your network is broken. You'll be still able to
download the updates, but you'll waste a lot of bandwidth checking for
updates.


Check the DNS servers your windows DNS is using to forward requests to, 
your ISP may have changed one or more of their DNS servers.  As an 
alternative you can setup your FreeBSD box as a DNS caching server, where 
it will forward requests to your ISP's DNS server(s) directly, taking your 
windows server out of the situation.


-Derek 
___

freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS server

[cpghost]

Sean Dicks wrote:
I can ping both NS servers but when it comes to pinging my domain it
doesn't ping. Ideas on what could be wrong?
 

You probably didn't configure the resolver library correctly.
In /etc/resolv.conf, you need to add the name server entries:
/etc/resolv.conf:
 domain example.com
 nameserver 1.2.3.4
 nameserver 5.6.7.8
Pinging the name servers using their IP addresses doesn't
test the resolver at all.
While that is the most likely cause, it is also possible that
you just bought a domain (or changed its records), and it
can take up to 72 hours for the DNS entries to propagate
throught the net.
Another reason is that you (or your net admin) blocked
ICMP at the firewall level, so you can't expect a reply
to a ping. You can test this easily by pinging, say,
www.altavista.com or another site that replies to pings.
Other reasons are possible too.
Sean
cpghost.
--
Cordula's Web. http://www.cordula.ws/
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS server

[Sean Dicks]

I am only using dns forwarding. I already have default values in
/etc/resolv.conf from my ISP, do I have to add my 2 others and delete
the ones from the ISP or just leave it as is. I registered the domain
today when I "whois rimouski-undernet.org" I see right nameservers on
it. Doesn't that mean it has propagated?

Sean

On Sun, 11 Jul 2004 18:47:23 +0200, cpghost <[EMAIL PROTECTED]> wrote:
> 
> 
> Sean Dicks wrote:
> 
> >I can ping both NS servers but when it comes to pinging my domain it
> >doesn't ping. Ideas on what could be wrong?
> >
> >
> You probably didn't configure the resolver library correctly.
> In /etc/resolv.conf, you need to add the name server entries:
> 
> /etc/resolv.conf:
>   domain example.com
>   nameserver 1.2.3.4
>   nameserver 5.6.7.8
> 
> Pinging the name servers using their IP addresses doesn't
> test the resolver at all.
> 
> While that is the most likely cause, it is also possible that
> you just bought a domain (or changed its records), and it
> can take up to 72 hours for the DNS entries to propagate
> throught the net.
> 
> Another reason is that you (or your net admin) blocked
> ICMP at the firewall level, so you can't expect a reply
> to a ping. You can test this easily by pinging, say,
> www.altavista.com or another site that replies to pings.
> 
> Other reasons are possible too.
> 
> >Sean
> >
> cpghost.
> 
> --
> Cordula's Web. http://www.cordula.ws/
> 
>
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS server

[Eric Crist]

On Sunday 11 July 2004 12:35, Sean Dicks wrote:
> I am only using dns forwarding. I already have default values in
> /etc/resolv.conf from my ISP, do I have to add my 2 others and delete
> the ones from the ISP or just leave it as is. I registered the domain
> today when I "whois rimouski-undernet.org" I see right nameservers on
> it. Doesn't that mean it has propagated?
>
> Sean

No, it doesn't.  I can successfully perform a whois from here on your domain, 
but an nslookup/dig both fail.  Give it 72 hours to propagate across the net.  
While the whois server for your domain is correct, the root servers for 
the .org TLD have not been updated to know where to look for that domain's 
information.

If it's still not working 3 days from now, let us know and we'll see if we can 
help you from there.

-- 
Eric F Crist

Keep your pecker hard and your powder dry, and the world WILL turn.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS server

[cpghost]

Sean Dicks wrote:
I am only using dns forwarding. I already have default values in
/etc/resolv.conf from my ISP, do I have to add my 2 others and delete
the ones from the ISP or just leave it as is. I registered the domain
today when I "whois rimouski-undernet.org" I see right nameservers on
it. Doesn't that mean it has propagated?
 

The WHOIS and DNS databases are distinct,
and not necessarily synchronized. You need
to wait until your domain is added to the .ORG
zone file of the master .ORG DNS Server
(that normally happens every 12 hours from the
PIR registry, IIRC [I can be wrong here!]). It can
then take up to 72 hours to propagate to the other
.ORG DNS slaves, and also to your ISPs DNS servers.
Just give it some time to propagate.
% dig rimouski-undernet.org
; <<>> DiG 8.3 <<>> rimouski-undernet.org
;; res options: init recurs defnam dnsrch
;; res_nsend: Operation timed out
Yep, not yet visible here...
-cpghost.
--
Cordula's Web. http://www.cordula.ws/
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS server

[Len Conrad]

No, it doesn't.  I can successfully perform a whois from here on your domain,
but an nslookup/dig both fail.  Give it 72 hours to propagate across the net.
propagation is a bogus idea when applied to DNS.  Like WMD and "immediate 
threat" when applied to Iraq.

As soon as the delegation and glue data for domain.tld is present in the 
.tld servers, that data is instantaneously available across all of Internet.

dig @NS_auth_for_tld domain.tld  any
Forget about whois data, it is operationally irrelevant for DNS 
operation.  whois protocol with whois servers, dns protocol with dns 
servers, ne'ver the twain meet.

Len
_
http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS server

[Eric Crist]

On Sunday 11 July 2004 13:12, cpghost wrote:
> Just give it some time to propagate.
>
> % dig rimouski-undernet.org
>
> ; <<>> DiG 8.3 <<>> rimouski-undernet.org
> ;; res options: init recurs defnam dnsrch
> ;; res_nsend: Operation timed out
>
> Yep, not yet visible here...
>
> -cpghost.

Something I didn't think about at my last reply, are you sure your DNS server 
is set up correctly?  Does it resolve it's own domains correctly, and is it 
able to answer queries about other domains?  I would check that while you 
were waiting for propagation.

-- 
Eric F Crist

Keep your pecker hard and your powder dry, and the world WILL turn.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS server

[Len Conrad]

Perhaps you need to do some research on the subject.
perhaps you need to clarify your vagary 
There are a series of DNS systems
???
For a public domain.tld, the only two servers involved are :
1. the servers authoritative for .tld to publish the delegation and glue 
records for domain.tld.

2. the servers authoritative for domain.tld to answer authoritatively.
Period. There are NO other servers involved, nor is there any "propagation".
a domain needs to be added to before it will function correctly.
This is known as propagation.
the misnomer propagation is used by people who think DNS data needs time to 
be available, to "propagate", over several days or a week, for all of 
Internet.  This is pure BS. There is no such concept in DNS.

Len
_
http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS server

[Matthew Seaman]

On Sun, Jul 11, 2004 at 01:53:22PM -0500, Len Conrad wrote:
 
> >a domain needs to be added to before it will function correctly.
> >This is known as propagation.
> 
> the misnomer propagation is used by people who think DNS data needs time to 
> be available, to "propagate", over several days or a week, for all of 
> Internet.  This is pure BS. There is no such concept in DNS.

For a brand new domain, you are exactly correct, or indeed for an RR
added to an existing domain.  For modification to any RR within a
previously existing domain there may well be a delay perceived by the
end user while waiting out the TTL of any old data cached in various
servers between him and the authoritative servers.  Those TTLs are
typically somewhere between an hour and several days.  It's not
actually a propagation delay, but the effect is much the same.

As the administrator of a zone, you can avoid or mitigate the delay by
dropping the TTL on any zone sufficiently far in advance of any
important changes.  You will see DNS traffic to your server increase
somewhat as network caches invalidate their stored data more often,
but that's the price of getting the fresh data out there promptly.

The worst case is where the NS records in the parent zone are modified
to point to a new set of authoritative servers, but the previous
authoritative servers are neither shut down nor loaded with the up to
date zone data.  A cache may keep referring back to the old servers
and refreshing itself with what it has no way of telling is old data
for some time.  It's a good idea when changing the servers for a
domain to make sure both the old and the new servers carry the latest
zone data for some suitable overlap period.

Cheers,

Matthew 

-- 
Dr Matthew J Seaman MA, D.Phil.   26 The Paddocks
  Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614  Bucks., SL7 1TH UK


pgpOgzGztlAuO.pgp
Description: PGP signature

Re: DNS server

[Kevin Stevens]

On Jul 11, 2004, at 12:46, Matthew Seaman wrote:
On Sun, Jul 11, 2004 at 01:53:22PM -0500, Len Conrad wrote:
a domain needs to be added to before it will function correctly.
This is known as propagation.
the misnomer propagation is used by people who think DNS data needs  
time to
be available, to "propagate", over several days or a week, for all of
Internet.  This is pure BS. There is no such concept in DNS.
And FYI, speaking of DNS updating:
http://slashdot.org/article.pl?sid=04/07/11/ 
1741225&mode=thread&tid=126&tid=95

KeS
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: dns timeouts

[Kevin Kinsey]

[EMAIL PROTECTED] wrote:
I am new to FREEBSD and trying 5.3 on my compaq presario 2190US laptop.  After 
a fight I got the CD and everything running. Now my dns resolutions keep 
timing out.  I do not see anything on the errata, can someone point me in a 
direction to do some light reading or to a patch.  The problem seems simular 
to a BIND problem on my openBSD NAT, but I found a source patch in Nov..  

$ dig www.freebsd.org
; <<>> DiG 9.3.0 <<>> www.freebsd.org
 


$ ifconfig -a
sis0: flags=8843 mtu 1500
   options=8
   inet 192.168.0.3 netmask 0xff00 broadcast 192.168.0.255
   inet6 fe80::20d:9dff:fe84:da86%sis0 prefixlen 64 scopeid 0x1
   ether 00:0d:9d:84:da:86
   media: Ethernet autoselect (100baseTX )
   status: active
plip0: flags=108810 mtu 1500
lo0: flags=8049 mtu 16384
   inet 127.0.0.1 netmask 0xff00
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
$ cat resolv.conf
domain  puffy
nameserver  68.87.96.4
 

1.  How's connectivity?  Can you ping by IP address?
Try 66.94.234.13 or 216.109.112.135, for example.
What's the output of `netstat -rn` ?
2.  Are you running a firewall on your gateway that
is either a] not handling NAT properly, or b] blocking
DNS packets to your box at 192.168.0.3?
Just my 2 cents...HTH,
Kevin Kinsey
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problems

[Matt Emmerton]

> gentle people,
> apologies if this question should have been posted in the newbies
> list, but i saw a similar question in the archives of this mailing
> list, which did not quite answer my question.
>
> i'm trying to install FreeBSD for the first time. i'm installing it on
> my desktop.
>
> the installation has gone on pretty cleanly, i have a linksys
> firewall/wireless router behind which i have installed my freeBSD box.
> i have good connectivity and am able to ping, telnet to the internet.
>
> however DNS resolution is a problem.
>
> the browser does not work and for example
> dig www.freebsd.org also does not work.
>
> if i provide the nameserver,dig @server xxx.xxx.xxx - things are fine.
> any ideas. it has to be something really simple.
>
> during the configuration, when i configured my ethernet port, it cleanly
> gets the ip address from the linksys hub and also lists the nameserver
> correctly.
>
> what else do i have to configure ?
>
> ifconfig
> xl0 : flags=8843 mtu 1500
> options=b
> inet6 fe80::250:daff:fe8c:dcaa%x10 prefixlen 64 scopeid 0x1
> inet 192.168.1.105 netmask 0xff00 broadcast 192.168.1.255
> ether 00:50:da:8c:dc:aa
> media Ethernet autoselect (100baseTX )
> status:active
> plip0: flags=8810 mtu 1500
> lo0: flags=8049 mtu 16384
> inet 127.0.0.1 netmask 0xff00
> inet6 :: 1 prefixlen 128
> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
>
> netstat -nr
> Routing tables
>
> Internet:
> DestinationGateway   Flags   RefsUseNetif Expire
> default   192.168.1.1   UGS 00x10
> 127.0.0.1   127.0.0.1   UH   1   76   lo0
> 192.168.1   link#1   UC   0  0  xl0
> 192.168.1.1link#1   UHLW  1  0  xl0
> 192.168.1.105127.0.0.1   UGHS  0  0  lo0
> 192.168.1.255 ff:ff:ff:ff:ff:ff  UHLWb   0  2  xl0
>
> /etc/resolve.conf is empty.

You mean /etc/resolv.conf?  This is where your nameserver should be listed
if you're getting the information properly from your Linksys router.

--
Matt Emmerton

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problems

[ryanv]

I am no expert by any means, but the problem I was having sounds simular. I 
had a fresh install on friday, I could get to the web but dns resolutions 
were incredibly, slow and timing out most of the time.  But my box is now 
working perfectly.

#1 you dns nameservers addresses need to be in /etc/resolv.conf

this still did not solve my problem but it should.  I had to cvsup my /usr/src
and rebuild my world and everything works perfectly.  I do not know if 
something changed in the sources but it worked for me.




On Sunday 09 January 2005 01:39, Rajiv Krishnamurthy wrote:
> gentle people,
> apologies if this question should have been posted in the newbies
> list, but i saw a similar question in the archives of this mailing
> list, which did not quite answer my question.
>
> i'm trying to install FreeBSD for the first time. i'm installing it on
> my desktop.
>
> the installation has gone on pretty cleanly, i have a linksys
> firewall/wireless router behind which i have installed my freeBSD box.
> i have good connectivity and am able to ping, telnet to the internet.
>
> however DNS resolution is a problem.
>
> the browser does not work and for example
> dig www.freebsd.org also does not work.
>
> if i provide the nameserver,dig @server xxx.xxx.xxx - things are fine.
> any ideas. it has to be something really simple.
>
> during the configuration, when i configured my ethernet port, it cleanly
> gets the ip address from the linksys hub and also lists the nameserver
> correctly.
>
> what else do i have to configure ?
>
> ifconfig
> xl0 : flags=8843 mtu 1500
> options=b
> inet6 fe80::250:daff:fe8c:dcaa%x10 prefixlen 64 scopeid 0x1
> inet 192.168.1.105 netmask 0xff00 broadcast 192.168.1.255
> ether 00:50:da:8c:dc:aa
> media Ethernet autoselect (100baseTX )
> status:active
> plip0: flags=8810 mtu 1500
> lo0: flags=8049 mtu 16384
> inet 127.0.0.1 netmask 0xff00
> inet6 :: 1 prefixlen 128
> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
>
> netstat -nr
> Routing tables
>
> Internet:
> DestinationGateway   Flags   RefsUseNetif Expire
> default   192.168.1.1   UGS 00x10
> 127.0.0.1   127.0.0.1   UH   1   76   lo0
> 192.168.1   link#1   UC   0  0  xl0
> 192.168.1.1link#1   UHLW  1  0  xl0
> 192.168.1.105127.0.0.1   UGHS  0  0  lo0
> 192.168.1.255 ff:ff:ff:ff:ff:ff  UHLWb   0  2  xl0
>
> /etc/resolve.conf is empty.
> /etc/hosts is empty.
>
> thanks
> rajiv.
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: dns question

[Dick Davies]

* Jeff MacDonald <[EMAIL PROTECTED]> [0157 12:57]:
> Not really a freebsdquestion specifically.
> 
> My company uses 
>ns.foo.com  and ns1.foo.com for primay/secondary dns, about 200
> domains rely on these.
> 
> We want a new physical machine , in a different location, with a
> different IP to be our secondary dns. lets call it  www.jerky.com ip =
> 244.233.222.211 imaginary..
 
> Can I just make ns1.foo.com point to the new ip address, and update
> the registrar with the new ip for ns1.foo.com, and here's the kicker
> 
> _ NOT have to worry about changing the secondary dns info for all 200
> other domains _

Is the second NS server listed in the domain by hostname?
If so, you'll be alright.
 
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"

-- 
'When you have to kill a man it costs nothing to be polite.'
-- Winston Churchill, On formal declarations of war
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: dns question

[Jeff MacDonald]

I think it depends upon the registrar. Of the 200 domains, they are
probably registered across 2 or 3 registrars.

Some ask for just the host name, while others ask for both hostname and IP.

Jeff.


On Thu, 20 Jan 2005 13:14:01 +, Dick Davies
<[EMAIL PROTECTED]> wrote:
> * Jeff MacDonald <[EMAIL PROTECTED]> [0157 12:57]:
> > Not really a freebsdquestion specifically.
> >
> > My company uses
> >ns.foo.com  and ns1.foo.com for primay/secondary dns, about 200
> > domains rely on these.
> >
> > We want a new physical machine , in a different location, with a
> > different IP to be our secondary dns. lets call it  www.jerky.com ip =
> > 244.233.222.211 imaginary..
> 
> > Can I just make ns1.foo.com point to the new ip address, and update
> > the registrar with the new ip for ns1.foo.com, and here's the kicker
> >
> > _ NOT have to worry about changing the secondary dns info for all 200
> > other domains _
> 
> Is the second NS server listed in the domain by hostname?
> If so, you'll be alright.
> 
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> 
> --
> 'When you have to kill a man it costs nothing to be polite.'
> -- Winston Churchill, On formal declarations of war
> Rasputin :: Jack of All Trades - Master of Nuns
> 


-- 
Jeff MacDonald
http://www.halifaxbudolife.ca
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problem

[gabriel]

They could be negative cached by your isp's dns servers. Personally I
run dnscache to avoid that issue, I don't trust my isp with
_ANYTHING_, but the connection.

Cheers!


On Tue, 25 Jan 2005 17:49:18 +1000, Warren
<[EMAIL PROTECTED]> wrote:
> Im having trouble getting some webpages due to my DNS of the website to my ISP
> dns of the site being different.  im pointing my name server to the dns
> server IP of my ISP .. so why is my IP dns lookups not resolving the right
> IP's ?
> --
> Yours Sincerely
> Shinjii
> http://www.shinji.nq.nu
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> 


-- 
gabriel,

Member of:
FreeBSD-Announce
FreeBSD-Hardware
FreeBSD-Multimedia
FreeBSD-questions
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problem

[Warren]

On Tue, 25 Jan 2005 05:54 pm, gabriel wrote:
> They could be negative cached by your isp's dns servers. Personally I
> run dnscache to avoid that issue, I don't trust my isp with
> _ANYTHING_, but the connection.
>
> Cheers!

I ended up changing the name server addy form the dns server to the actual NS 
server and it worked properly.

-- 
Yours Sincerely
Shinjii
http://www.shinji.nq.nu
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problem

[gabriel]

Very cool. :)

On Tue, 25 Jan 2005 18:04:15 +1000, Warren
<[EMAIL PROTECTED]> wrote:
> On Tue, 25 Jan 2005 05:54 pm, gabriel wrote:
> > They could be negative cached by your isp's dns servers. Personally I
> > run dnscache to avoid that issue, I don't trust my isp with
> > _ANYTHING_, but the connection.
> >
> > Cheers!
> 
> I ended up changing the name server addy form the dns server to the actual NS
> server and it worked properly.
> 
> --
> Yours Sincerely
> Shinjii
> http://www.shinji.nq.nu
> 


-- 
gabriel,

Member of:
FreeBSD-Announce
FreeBSD-Hardware
FreeBSD-Multimedia
FreeBSD-questions
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Prob

[Warren]

On Tue, 25 Jan 2005 06:27 pm, Warren wrote:
> ok i changed the IP in the resolv.conf on the primry machine holding the
> connection to the ent and on this local machine to the ns server .. yet for
> some reason the IP dosent change on this machien but does on the other ..
> what am i missing ?

Ok it seems something is re-writing the resolv.conf file after i go in and 
change the IP address from my ISP dns server to there NS server .. anyone got 
any idea as to what or why this is happening ?

-- 
Yours Sincerely
Shinjii
http://www.shinji.nq.nu
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Prob

[Lowell Gilbert]

Warren <[EMAIL PROTECTED]> writes:

> On Tue, 25 Jan 2005 06:27 pm, Warren wrote:
> > ok i changed the IP in the resolv.conf on the primry machine holding the
> > connection to the ent and on this local machine to the ns server .. yet for
> > some reason the IP dosent change on this machien but does on the other ..
> > what am i missing ?
> 
> Ok it seems something is re-writing the resolv.conf file after i go in and 
> change the IP address from my ISP dns server to there NS server .. anyone got 
> any idea as to what or why this is happening ?

Are you running dhclient?  If so, configure it not to do that
("supersede" or "prepend" in dhclient.conf(5))...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problem

[Thomas Foster]

I am not quite sure of your name server setup, or even your registrant for 
your domain name.. but I do have a few questions

Is this DNS server behind a firewall?
Is this DNS server master for your zone?
What is your zone name?
Does your Domian registration include this server as primary for your domain 
name?

check out : http://www.section6.net/help/bind.php
for information on setting up BIND (if that is what you are using)
T
- Original Message - 
From: "ZaiD Dashti" <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, January 25, 2005 7:45 AM
Subject: DNS problem


hello
i have a problem with my DNS server.
first, i have a registered domain name and i want to change its NS server 
to my server to host it in my home (just for learning about DNS)

second (the problem), when i use nslookup from another computers in my 
local network, the dns
server works fine, but when external connection (internet connection, let 
say my friend connection) tryies to use my dns server, i got error message 
"DNS request timed out", why ? and how to solve it ?

NOTE: i have an ADSL account, which mean i'm using a router to connect to 
the internet, and i'm redirection all ports from the external connections 
to my machine ip, so that i'm able to open a server or to connect to my 
machine from anywhere.

thanks
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problem

[ZaiD Dashti]

No there is no firewall
Yes my DNS is the master of my zone
my zone name is: zdashi.com
Does your Domian registration include this server as primary for your 
domain name?
yes
From: "Thomas Foster" <[EMAIL PROTECTED]>
To: "ZaiD Dashti" <[EMAIL PROTECTED]>,<[EMAIL PROTECTED]>
Subject: Re: DNS problem
Date: Tue, 25 Jan 2005 10:29:58 -0800
I am not quite sure of your name server setup, or even your registrant for 
your domain name.. but I do have a few questions

Is this DNS server behind a firewall?
Is this DNS server master for your zone?
What is your zone name?
Does your Domian registration include this server as primary for your 
domain name?

check out : http://www.section6.net/help/bind.php
for information on setting up BIND (if that is what you are using)
T
- Original Message - From: "ZaiD Dashti" <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, January 25, 2005 7:45 AM
Subject: DNS problem

hello
i have a problem with my DNS server.
first, i have a registered domain name and i want to change its NS server 
to my server to host it in my home (just for learning about DNS)

second (the problem), when i use nslookup from another computers in my 
local network, the dns
server works fine, but when external connection (internet connection, let 
say my friend connection) tryies to use my dns server, i got error message 
"DNS request timed out", why ? and how to solve it ?

NOTE: i have an ADSL account, which mean i'm using a router to connect to 
the internet, and i'm redirection all ports from the external connections 
to my machine ip, so that i'm able to open a server or to connect to my 
machine from anywhere.

thanks
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problem

[ZaiD Dashti]

i think my ISP blocking port 53, i will call them
thanks
From: [EMAIL PROTECTED]
To: ZaiD Dashti <[EMAIL PROTECTED]>
CC: freebsd-questions@FreeBSD.org
Subject: Re: DNS problem
Date: Tue, 25 Jan 2005 18:39:52 +0100
On Tue, Jan 25, 2005 at 03:45:22PM +, ZaiD Dashti wrote:
> hello
>
> i have a problem with my DNS server.
>
> first, i have a registered domain name and i want to change its NS 
server
> to my server to host it in my home (just for learning about DNS)

If you have a domain, you must setup at least two different DNS
servers. Both must be on physically different networks. Are you
sure that the domain is set up properly? I could dig from here,
but since you didn't specify the domain...
> second (the problem), when i use nslookup from another computers in my
> local network, the dns
> server works fine, but when external connection (internet connection, 
let
> say my friend connection) tryies to use my dns server, i got error 
message
> "DNS request timed out", why ? and how to solve it ?

How long since you redirected the nameserver records from your
registrar account? It can take up to 72 hours for the changes to
propagate, depending on the TLD. Some TLD propagate changes much
faster now, but it can still takes many hours all DNS caches to
expire old stuff.
> NOTE: i have an ADSL account, which mean i'm using a router to connect 
to
> the internet, and i'm redirection all ports from the external 
connections
> to my machine ip, so that i'm able to open a server or to connect to my
> machine from anywhere.

Running a DNS server from an ADSL link is not recommended.
Are you sure that your ISP is not blocking port 53 to your
fixed address? And are you sure that your DNS server is actually
listening on the public interface at all (if you have a multi-homed
host) a.k.a does sockstat -46l show something like *:53?
> thanks
Cheers,
-cpghost.
--
Cordula's Web. http://www.cordula.ws/

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problem

[Thomas Foster]

I dont see your name server listed for your domain in the WHOIS database..
are you wanting to use homelinux.net as your DNS server?  what is the 
address of your DNS server.. also.. I agree.. check with your ISP to see if 
they are blocking UDP port 53

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Hostway Whois Server Version 1.0
Domain Name: zdashi.com
  Registrar:   AAAQ.COM
  Whois Server: whois.aaaq.com
  Referral URL: http://www.aaaq.com
  Name Server: ns-bsd.homelinux.net
  Name Server: a.dns.hostway.net
  Status:  ACTIVE
  Updated Date 2005-01-25
  Creation Date: 2004-10-04
  Expiration Date: 2005-10-04
- Original Message - 
From: "ZaiD Dashti" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: 
Sent: Tuesday, January 25, 2005 11:03 AM
Subject: Re: DNS problem


i think my ISP blocking port 53, i will call them
thanks
From: [EMAIL PROTECTED]
To: ZaiD Dashti <[EMAIL PROTECTED]>
CC: freebsd-questions@FreeBSD.org
Subject: Re: DNS problem
Date: Tue, 25 Jan 2005 18:39:52 +0100
On Tue, Jan 25, 2005 at 03:45:22PM +, ZaiD Dashti wrote:
> hello
>
> i have a problem with my DNS server.
>
> first, i have a registered domain name and i want to change its NS
server
> to my server to host it in my home (just for learning about DNS)
If you have a domain, you must setup at least two different DNS
servers. Both must be on physically different networks. Are you
sure that the domain is set up properly? I could dig from here,
but since you didn't specify the domain...
> second (the problem), when i use nslookup from another computers in my
> local network, the dns
> server works fine, but when external connection (internet connection,
let
> say my friend connection) tryies to use my dns server, i got error
message
> "DNS request timed out", why ? and how to solve it ?
How long since you redirected the nameserver records from your
registrar account? It can take up to 72 hours for the changes to
propagate, depending on the TLD. Some TLD propagate changes much
faster now, but it can still takes many hours all DNS caches to
expire old stuff.
> NOTE: i have an ADSL account, which mean i'm using a router to connect
to
> the internet, and i'm redirection all ports from the external
connections
> to my machine ip, so that i'm able to open a server or to connect to my
> machine from anywhere.
Running a DNS server from an ADSL link is not recommended.
Are you sure that your ISP is not blocking port 53 to your
fixed address? And are you sure that your DNS server is actually
listening on the public interface at all (if you have a multi-homed
host) a.k.a does sockstat -46l show something like *:53?
> thanks
Cheers,
-cpghost.
--
Cordula's Web. http://www.cordula.ws/

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problem

[cpghost]

On Tue, Jan 25, 2005 at 03:45:22PM +, ZaiD Dashti wrote:
> hello
> 
> i have a problem with my DNS server.
> 
> first, i have a registered domain name and i want to change its NS server 
> to my server to host it in my home (just for learning about DNS)

If you have a domain, you must setup at least two different DNS
servers. Both must be on physically different networks. Are you
sure that the domain is set up properly? I could dig from here,
but since you didn't specify the domain...

> second (the problem), when i use nslookup from another computers in my 
> local network, the dns
> server works fine, but when external connection (internet connection, let 
> say my friend connection) tryies to use my dns server, i got error message 
> "DNS request timed out", why ? and how to solve it ?

How long since you redirected the nameserver records from your
registrar account? It can take up to 72 hours for the changes to
propagate, depending on the TLD. Some TLD propagate changes much
faster now, but it can still takes many hours all DNS caches to
expire old stuff.

> NOTE: i have an ADSL account, which mean i'm using a router to connect to 
> the internet, and i'm redirection all ports from the external connections 
> to my machine ip, so that i'm able to open a server or to connect to my 
> machine from anywhere.

Running a DNS server from an ADSL link is not recommended.

Are you sure that your ISP is not blocking port 53 to your
fixed address? And are you sure that your DNS server is actually
listening on the public interface at all (if you have a multi-homed
host) a.k.a does sockstat -46l show something like *:53?

> thanks

Cheers,
-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: DNS problem?

[John Brooks]

> I am running a FreeBSD server behind a Linksys Wireless Access
> Point / Router (BEFW11S4). Its local address is 192.168.1.1. The
> Linksys is attached to a DSL modem.  In my /etc/rc.conf file I have
> defaultrouter=192.168.1.1
> which works most of the time. However occasionally, all network
> traffic freezes, I cannot login to the server using ssh and my
> mailing lists and websites do not function. If, at my server, I type
> "host someip.com" it reports 'no server can be found' or some similar
> message (I sorry, I didn't note down the exact message) - a reboot
> has fixed the problem.
>
> I assume that the problem is that the server is unable to find a DNS
> server. Is that right?

Probably...

> Do I have it right that I should point defaultrouter at the firewall?

Assuming that the firewall is your gateway to the outside world, then
yes.

> How do I tell FreeBSD about other DNS servers to use if the firewall
> route fails?

If your resolving dns servers as listed in /etc/resolv.conf are outside
the firewall, then they cannot be reached if the default route is down.
Likewise if your resolving dns servers are inside or on the firewall, then
their queries will never be answered. The effect is the same, you don't get
an answer. Unless they have some cached results that have not yet timed out,
but even with the cached answer you still cannot reach the destination,
so the end effect is the same - you know where to go but cannot get there.

> Why does pointing defaultrouter at the filewall fail?

Cable unplugged, switch down, nic dead, firewall down, upstream isp out,
isp router down, electricity out, hard drive on firewall crashed, dsl/cable
modem out, telco burped, and so forth for another hundred possible
reasons...

You could start troubleshooting by these steps:

1) ping 127.0.0.1
2) ping ip of local machine
3) ping localhost
4) ping hostname of local machine
5) ping another host on same lan by ip address
6) ping another host on same lan by hostname (if any exist in /etc/hosts)
7) ping interior ip of firewall (192.168.1.1)
8) ping exterior ip of firewall
9) ping default gateway of firewall
10) ping ip address of some internet host (yahoo.com = 66.94.234.13)

As you proceed down this list it will give you clues as to what is wrong,
and tell you where to look. Good luck...

>
> Thanks
>
> Alan
>
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS problem?

[Alan Curtis]

On 6/8/05, John Brooks <[EMAIL PROTECTED]> wrote:
> > I am running a FreeBSD server behind a Linksys Wireless Access
> > Point / Router (BEFW11S4). Its local address is 192.168.1.1. The
> > Linksys is attached to a DSL modem.  In my /etc/rc.conf file I have
> > defaultrouter=192.168.1.1
> > which works most of the time. However occasionally, all network
> > traffic freezes, I cannot login to the server using ssh and my
> > mailing lists and websites do not function. If, at my server, I type
> > "host someip.com" it reports 'no server can be found' or some similar
> > message (I sorry, I didn't note down the exact message) - a reboot
> > has fixed the problem.
> >
> > I assume that the problem is that the server is unable to find a DNS
> > server. Is that right?
> 
> Probably...
> 
> > Do I have it right that I should point defaultrouter at the firewall?
> 
> Assuming that the firewall is your gateway to the outside world, then
> yes.
> 
> > How do I tell FreeBSD about other DNS servers to use if the firewall
> > route fails?
> 
> If your resolving dns servers as listed in /etc/resolv.conf are outside
> the firewall, then they cannot be reached if the default route is down.
> Likewise if your resolving dns servers are inside or on the firewall, then
> their queries will never be answered. The effect is the same, you don't get
> an answer. Unless they have some cached results that have not yet timed out,
> but even with the cached answer you still cannot reach the destination,
> so the end effect is the same - you know where to go but cannot get there.
> 
> > Why does pointing defaultrouter at the filewall fail?
> 
> Cable unplugged, switch down, nic dead, firewall down, upstream isp out,
> isp router down, electricity out, hard drive on firewall crashed, dsl/cable
> modem out, telco burped, and so forth for another hundred possible
> reasons...
> 
> You could start troubleshooting by these steps:
> 
> 1) ping 127.0.0.1
> 2) ping ip of local machine
> 3) ping localhost
> 4) ping hostname of local machine
> 5) ping another host on same lan by ip address
> 6) ping another host on same lan by hostname (if any exist in /etc/hosts)
> 7) ping interior ip of firewall (192.168.1.1)
> 8) ping exterior ip of firewall
> 9) ping default gateway of firewall
> 10) ping ip address of some internet host (yahoo.com = 66.94.234.13)
> 
> As you proceed down this list it will give you clues as to what is wrong,
> and tell you where to look. Good luck...
> 
> >


Thank you John.

I will try this series of pings the next time my server freezes. I did
try something similiar, if not so methodical last time it froze and
could ping most things on the interior. The firewall was still working
as I could still access the outside using other computers on the
network, so I think the problem was with the server somehow.

Alan
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: DNS problem?

[John Brooks]

are the dns servers of the other computers the SAME as the freebsd
server?  what are the contents of /etc/resolv.conf?

--
John Brooks
[EMAIL PROTECTED] 

> 
> Thank you John.
> 
> I will try this series of pings the next time my server freezes. I did
> try something similiar, if not so methodical last time it froze and
> could ping most things on the interior. The firewall was still working
> as I could still access the outside using other computers on the
> network, so I think the problem was with the server somehow.
> 
> Alan
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS setup

[Casey Scott]

If you are just looking to be able to resolve DNS internally, you can very
easily setup your FBSD box to be a forwarding DNS server, and point all
your other machines at it for DNS resolution. There are many howtos
covering this subject.

Casey


> I am running FreeBSD 5.3-STABLE behind a Linksys Wireless Access
> Point and Firewall and a DSL modem. My ISP assigns me a dynamic IP
> address which changes on a regular basis and the root domain and
> Domain Name Servers associated with that domain also change. I have
> seen at least 3 different root domains.
>
> I have a number of machines on my wireless network and I would like
> them to be able to find one another. To do this I have assigned them
> fixed IP addresses.
>
> My problem how to assign the Domain Name Servers for all the
> machines. I point them all at the Linksys, which seems to work most
> of the time, but occasionally network traffic gets really slow and I
> suspect that its a DNS problem.
>
> Can I set up something on my FreeBSD server to help solve this problem?
>
> Alan
>
>
>
>
>
>
>
>
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
>


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS setup

[Alejandro Pulver]

On Sun, 3 Jul 2005 11:07:41 -0400
Alan Curtis <[EMAIL PROTECTED]> wrote:

> I am running FreeBSD 5.3-STABLE behind a Linksys Wireless Access  
> Point and Firewall and a DSL modem. My ISP assigns me a dynamic IP  
> address which changes on a regular basis and the root domain and  
> Domain Name Servers associated with that domain also change. I have  
> seen at least 3 different root domains.
> 
> I have a number of machines on my wireless network and I would like  
> them to be able to find one another. To do this I have assigned them  
> fixed IP addresses.
> 
> My problem how to assign the Domain Name Servers for all the  
> machines. I point them all at the Linksys, which seems to work most  
> of the time, but occasionally network traffic gets really slow and I  
> suspect that its a DNS problem.
> 
> Can I set up something on my FreeBSD server to help solve this
> problem?
> 
> Alan
> 

Hello,

If you think the problem is on your ISP DNS servers, you have two
alternatives:

1) Set up a local DNS server on all the machines of the network.

2) Set up a DNS server on one machine, that answers queries to all the
   machines of the network.

If you want more detailed information about them (like how to set them
up), ask me.

Best Regards,
Ale
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS setup

[Alan Curtis]

On Jul 3, 2005, at 4:17 PM, Leon Messner wrote:


On Sun, Jul 03, 2005 at 11:07:41AM -0400, Alan Curtis wrote:


I am running FreeBSD 5.3-STABLE behind a Linksys Wireless Access
Point and Firewall and a DSL modem. My ISP assigns me a dynamic IP
address which changes on a regular basis and the root domain and
Domain Name Servers associated with that domain also change. I have
seen at least 3 different root domains.

I have a number of machines on my wireless network and I would like
them to be able to find one another. To do this I have assigned them
fixed IP addresses.

My problem how to assign the Domain Name Servers for all the
machines. I point them all at the Linksys, which seems to work most
of the time, but occasionally network traffic gets really slow and I
suspect that its a DNS problem.

Can I set up something on my FreeBSD server to help solve this  
problem?


Alan



Hi,
if you're looking for a application serving you DNS look at
http://cr.yp.to/djbdns.html for HowTo's and software. I use it for a
similar setup as you have and also you can win $500 if you find the
first security hole in the latest releases.



I tried following the instructions at http://cr.yp.to/djbdns/run- 
cache-x.html. Got as far as


5. As root, tell svscan about the new service, and use svstat to  
check that the service is up:


 ln -s /etc/dnscache /service
 sleep 5
 svstat /service/dnscache


and was told ...

/service/dnscache: unable to chdir: file does not exist

Alan








___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS setup

[Alan Curtis]

On Jul 3, 2005, at 11:57 AM, Alejandro Pulver wrote:


On Sun, 3 Jul 2005 11:07:41 -0400
Alan Curtis <[EMAIL PROTECTED]> wrote:



I am running FreeBSD 5.3-STABLE behind a Linksys Wireless Access
Point and Firewall and a DSL modem. My ISP assigns me a dynamic IP
address which changes on a regular basis and the root domain and
Domain Name Servers associated with that domain also change. I have
seen at least 3 different root domains.

I have a number of machines on my wireless network and I would like
them to be able to find one another. To do this I have assigned them
fixed IP addresses.

My problem how to assign the Domain Name Servers for all the
machines. I point them all at the Linksys, which seems to work most
of the time, but occasionally network traffic gets really slow and I
suspect that its a DNS problem.

Can I set up something on my FreeBSD server to help solve this
problem?

Alan




Hello,

If you think the problem is on your ISP DNS servers, you have two
alternatives:

1) Set up a local DNS server on all the machines of the network.

2) Set up a DNS server on one machine, that answers queries to all the
   machines of the network.

If you want more detailed information about them (like how to set them
up), ask me.



I do need some clear instructions. I tried djbdns without success  
(see another post) and also the instructions under 'Domain Name  
System (DNS)' in the FreeBSD Handbook.


I added named_enable="YES" to /etc/rc.conf. Used the default  
configuration file without any zone (as suggested in the Handbook).  
There is no 'ndc' on my machine. I assume I must use 'rndc' instead.  
Ran 'rndc start' and was told


rndc: connect failed: connection refused

Saw nothing in /var/log/messages or /var/log/console.log

Alan


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS setup

[Alejandro Pulver]

On Sun, 3 Jul 2005 18:23:31 -0400
Alan Curtis <[EMAIL PROTECTED]> wrote:

> 
> On Jul 3, 2005, at 11:57 AM, Alejandro Pulver wrote:
> 
> > On Sun, 3 Jul 2005 11:07:41 -0400
> > Alan Curtis <[EMAIL PROTECTED]> wrote:
> >
> >
> >> I am running FreeBSD 5.3-STABLE behind a Linksys Wireless Access
> >> Point and Firewall and a DSL modem. My ISP assigns me a dynamic IP
> >> address which changes on a regular basis and the root domain and
> >> Domain Name Servers associated with that domain also change. I have
> >> seen at least 3 different root domains.
> >>
> >> I have a number of machines on my wireless network and I would like
> >> them to be able to find one another. To do this I have assigned
> >them > fixed IP addresses.
> >>
> >> My problem how to assign the Domain Name Servers for all the
> >> machines. I point them all at the Linksys, which seems to work most
> >> of the time, but occasionally network traffic gets really slow and
> >I > suspect that its a DNS problem.
> >>
> >> Can I set up something on my FreeBSD server to help solve this
> >> problem?
> >>
> >> Alan
> >>
> >>
> >
> > Hello,
> >
> > If you think the problem is on your ISP DNS servers, you have two
> > alternatives:
> >
> > 1) Set up a local DNS server on all the machines of the network.
> >
> > 2) Set up a DNS server on one machine, that answers queries to all
> > the
> >machines of the network.
> >
> > If you want more detailed information about them (like how to set
> > them up), ask me.
> >
> 
> I do need some clear instructions. I tried djbdns without success  
> (see another post) and also the instructions under 'Domain Name  
> System (DNS)' in the FreeBSD Handbook.
> 
> I added named_enable="YES" to /etc/rc.conf. Used the default  
> configuration file without any zone (as suggested in the Handbook).  
> There is no 'ndc' on my machine. I assume I must use 'rndc' instead.  
> Ran 'rndc start' and was told
> 
> rndc: connect failed: connection refused
> 
> Saw nothing in /var/log/messages or /var/log/console.log
> 
> Alan
> 

Hello,

You need to run "rndc-confgen", and save the output in a temporary file.

Then you have to look at it: there is one part to be put to
"/etc/namedb/named.conf" and the other to "/etc/namedb/rndc.conf".

Example:

% rndc-confgen

= add to /etc/namedb/rndc.conf =

# Start of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "zCgi4/rmS+O0ZENRWk22SQ==";
};

options {
default-key "rndc-key";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf

= add to /etc/namedb/named.conf =

# Use with the following in named.conf, adjusting the allow list as
needed: # key "rndc-key" {
#   algorithm hmac-md5;
#   secret "zCgi4/rmS+O0ZENRWk22SQ==";
# };
# 
# controls {
#   inet 127.0.0.1 port 953
#   allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf

IIRC before FreeBSD 5.4 there was a "ndc" (like rndc, but only local and
did not need setup). The "rndc" is for remote control (however it can
also be used as local with the loopback address 127.0.0.1).

The key is randomly generated (automatically), and it has to match in
the two files.

After that the connection will be allowed (however the "start" command
does not exist, you have to start it manually - "named" - and then you
can control it with rndc).

The file rndc.conf has to be placed on the machine you want to control
the name server from. But if it is not the same machine that runs the
name server, you have to put its IP address instead of 127.0.0.1.

The "inet" statements in named.conf specifies the IP address the name
server will listen (for rndc). You will have to put here the IP address
of the machine (and the localhost to be controled locally) in the
network to be controlled from other machines.

The "allow" statement in named.conf specifies from which hosts you can
(remotely) control the name server. The address 127.0.0.1 is the
loopback (internal address), but you can add the IP address of other
machines too (note that they need the rndc.conf file set appropiately).

If you have questions about this ask me.

If you want examples I can provide you some.

Then let me know if you want option 1) or 2) so I can help you with the
next step. 

1) Have an independent DNS server on each machine (there is one for
   Windows called TreeWalk - free -, that is the same as named).

2) Put a DNS server on *one* machine, and that DNS server is used by all
   the machines on the network.

Hope that Helps.

Best Regards,
Ale
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS setup

[Alan Curtis]

On Jul 3, 2005, at 7:01 PM, Alejandro Pulver wrote:


If you want examples I can provide you some.

Then let me know if you want option 1) or 2) so I can help you with  
the

next step.

1) Have an independent DNS server on each machine (there is one for
   Windows called TreeWalk - free -, that is the same as named).

2) Put a DNS server on *one* machine, and that DNS server is used  
by all

   the machines on the network.



I would like to implement 2.

Thanks for your help.

Alan


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS setup

[Ken Ebling]

On Jul 3, 2005, at 6:23 PM, Alan Curtis wrote:


I do need some clear instructions. I tried djbdns without success  
(see another post) and also the instructions under 'Domain Name  
System (DNS)' in the FreeBSD Handbook.


I added named_enable="YES" to /etc/rc.conf. Used the default  
configuration file without any zone (as suggested in the Handbook).  
There is no 'ndc' on my machine. I assume I must use 'rndc'  
instead. Ran 'rndc start' and was told


rndc: connect failed: connection refused

Saw nothing in /var/log/messages or /var/log/console.log

Alan


On FreeBSD 5.x, I use "/etc/rc.d/named {start | stop | restart}" for  
controlling BIND.


Ken Ebling

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS setup

[Ken Ebling]

On Jul 3, 2005, at 8:21 PM, Alan Curtis wrote:



On Jul 3, 2005, at 7:01 PM, Alejandro Pulver wrote:



If you want examples I can provide you some.

Then let me know if you want option 1) or 2) so I can help you  
with the

next step.

1) Have an independent DNS server on each machine (there is one for
   Windows called TreeWalk - free -, that is the same as named).

2) Put a DNS server on *one* machine, and that DNS server is used  
by all

   the machines on the network.




I would like to implement 2.

Thanks for your help.

Alan


It's pretty easy to get working on FreeBSD 5.3.  This is how I'd do it:

1) cd /etc/named

2) sh make-localhost

3) echo "named_enable=\"YES\"" >> /etc/rc.conf  (note two double  
quotes after "YES\" and two ">")


4) edit /etc/namedb/named.conf to suit your needs.  (you'll probably  
need to change the "listen-on" directive to add the IP address of  
your machine, because it's defaulted to 127.0.0.1, which means bind  
won't be listening on the network interface.)


5) /etc/rc.d/named start

 That's it.  Now your machines can be configured to use that system  
as their primary name server.


You may still want  to do some things, like disallow other people  
from using your name servers, by only enabling "recursion" for your  
machines.


You can find detailed instructions on configuring recursion here:   
http://www.netadmintools.com/art234.html


Ken Ebling

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Question

[Matthew Seaman]

DAve wrote:

Good morning.

I have been asked by my co-workers and sales why I always create a A 
record for new domains we host instead of a CNAME.


The issue I run into lately with some domains is that a client has a 
website with a industry host such as frank.relator.com and he wants to 
have DNS point www.frank.com to frank.relator.com with a CNAME. The 
client does not want an A record for frank.com.


Somewhere, in a class far far away, I was taught a DNS zone had to have 
a A record to function properly. I can't seem to locate anything in the 
RFCs.


Am I wrong?


Yes, you're wrong.

In terms of web service, you can use either an A record or a CNAME record
to provide the address part of a site's URL[*].  As far as the web server is
concerned, it looks for the 'Host=' line in the HTTP packet to decide what
name-based VHOST to dispatch the query to internally, and doesn't necessarily
do any DNS lookups at all.  Web clients just do a gethostbyname(3) or 
getaddrinfo(3) call to resolve the  site name into an IP, and anything 
supported by those (/etc/hosts, NIS, LDAP, DNS) will do the trick.

In terms of the DNS a 'Zone' is a delegated block of the name space under
a single administrative control.  Typically with BIND this maps onto a single
'Zone file' containing all of the DNS resource records for the zone.  The only 
records a zone *has* to have are:

  * 1 SOA record, with the zone serial number

  * Some number of NS records giving the nameservers for the zone.

It's perfectly permissible to have a zone that doesn't contain any A
records (or  records) and in fact, reasonably common: reverse domains
generally contain mostly PTR records. 


Cheers,

Matthew

[*] Possibly others, but A and CNAME are the vast majority.  Being able to
use SRV for webservers would be cool.

--
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
 Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
 Kent, CT11 9PW



signature.asc
Description: OpenPGP digital signature

Re: DNS Question

[DAve]

Sean Cavanaugh wrote:

 > Date: Fri, 23 Oct 2009 08:30:08 -0400
 > From: dave.l...@pixelhammer.com
 > To: freebsd-questions@freebsd.org
 > Subject: DNS Question
 >
 > Good morning.
 >
 > I have been asked by my co-workers and sales why I always create a A
 > record for new domains we host instead of a CNAME.
 >
 > The issue I run into lately with some domains is that a client has a
 > website with a industry host such as frank.relator.com and he wants to
 > have DNS point www.frank.com to frank.relator.com with a CNAME. The
 > client does not want an A record for frank.com.
 >
 > Somewhere, in a class far far away, I was taught a DNS zone had to have
 > a A record to function properly. I can't seem to locate anything in the
 > RFCs.
 >
 > Am I wrong?
 >

 
I think you are confusing basics of DNS records. you are partially 
correct in that a DNS zone needs an initial A record to be able to 
translate a name to an IP, but there is nothing wrong about setting up a 
CNAME to point to a record in a different zone instead. you just cannot 
do a zone that has a CNAME only that does not at some point to a valid A 
record. CNAMEs are forwarders only whereas A records are actual lookups.
 
for proper way to set this up
 
The A record would be assigned for the main name that you want to 
associate to an IP address.
The CNAME record just relates a different name to that original name. 
this allows you to change the IP address of the server and only have to 
update the original A record instead of every DNS record for that server.
 
for small number of vhosts, this would not really be an issue, but 
imagine if you were hosting a couple hundred vhosts from a single IP and 
then had to change that IP because you switched your ISP. It would take 
you a LONG time to update them if they were all A records, but only a 
couple of seconds if you had it properly set up as CNAME's
 
www.bobshosting.com A 192.168.0.1
www.vhost1.com   CNAME  
www.bobshosting.com .
www.vhost2.com   CNAME  
www.bobshosting.com .
www.vhost3.com   CNAME  
www.bobshosting.com .
www.vhost4.com   CNAME  
www.bobshosting.com .


 
 
-Sean


All true, and I did not do a very good job of explaining it. My issue 
was that we have requests to use a CNAME for the domain record. Such as 
this.


example.com  CNAME  otherdomain.com
www.example.com  CNAME   otherdomain.com

I was taught this was not good form, but allowed. I can deal with it. 
But what of having a SOA record for example.com, no A or CNAME record 
for the TLD example.com, only hosts such as www, ns1, ftp, etc.


I tried it an it seems to work fine, but doesn't look proper to me. Then 
again I remember when CNAME were considered evil.


DAve

--
"Posterity, you will know how much it cost the present generation to
preserve your freedom.  I hope you will make good use of it.  If you
do not, I shall repent in heaven that ever I took half the pains to
preserve it." John Quincy Adams

http://appleseedinfo.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS Question

[Len Conrad]

>
>All true, and I did not do a very good job of explaining it. My issue 
>was that we have requests to use a CNAME for the domain record. Such as 
>this.
>
>example.com  CNAME  otherdomain.com
>www.example.com  CNAME   otherdomain.com
>
>I was taught this was not good form

worse, it's illegal.

, but allowed. I can deal with it. 
>But what of having a SOA record for example.com, no A or CNAME record 
>for the TLD example.com, only hosts such as www, ns1, ftp, etc.
>
>I tried it an it seems to work fine, but doesn't look proper to me. Then 
>again I remember when CNAME were considered evil.

CNAMEs are still evil, unless 
1) no other solution exists and 
2) the user knows how to use CNAMEs (rare).

Len

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

RE: DNS Question

[Len Conrad]

>> >All true, and I did not do a very good job of explaining it. My issue 
>> >was that we have requests to use a CNAME for the domain record. Such as 
>> >this.
>> >
>> >example.com CNAME otherdomain.com
>> >www.example.com CNAME otherdomain.com
>> >
>> >I was taught this was not good form
>> 
>> worse, it's illegal.
>
>
>how is this illegal?

CNAME rule: 

a node with a CNAME cannot contain any other records. 

for the node domain.tld:

domain.tld. soa ...
domain.tld. ns ...
domain.tld. cname otherdomain.tld.

this node has a CNAME and "other data", so it's illegal, no matter what you 
want to do, or what makes sense to you, or what is convenient for you.

Len


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS Question

[Chuck Swiger]

Hi--

On Oct 23, 2009, at 9:18 AM, Sean Cavanaugh wrote:

worse, it's illegal.


how is this illegal? if you are residing your domain on a hosting  
service, this makes sense to me. Granted its bad form and should  
have an A record to the host for the main domain record, but if i  
had control over "otherdomain.com" and not "example.com" and had to  
change the IP address, "example.com" would be dead until i was able  
to reach the owner of that domain and have them change their DNS info.


You aren't supposed to use CNAMES for anything found in other RR's; in  
particular, you should always use an A record with the hostnames used  
for nameservers (ie, have an NS record), because you are supposed to  
be using the canonical name rather than an alias.


See:

  
http://docstore.mik.ua/orelly/networking/sendmail/ch21_03.htm#SML2-CH-21-SECT-3-2

You might also find a discussion of webserver redirects and the like  
interesting:


  http://www.aitechsolutions.net/cname-serveralias-redirection.html

Regards,
--
-Chuck

PS: It's odd where google pulls up references to fairly canonical  
docs, sometimes.  I'm not sure I even recognize "ua", and I suspect I  
deal with two-letter ISO 3166 country names more than most folks do.   
Maybe Ukraine?  :-)

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

RE: DNS Question

[Sean Cavanaugh]

> >how is this illegal?
> 
> CNAME rule: 
> 
> a node with a CNAME cannot contain any other records. 
> 
> for the node domain.tld:
> 
> domain.tld. soa ...
> domain.tld. ns ...
> domain.tld. cname otherdomain.tld.
> 
> this node has a CNAME and "other data", so it's illegal, no matter what you 
> want to do, or what makes sense to you, or what is convenient for you.
> 


 

 

ah yes, forgot about that. you are correct on that line. 

 

-Sean
  
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS Question

[Matthew Seaman]

Chuck Swiger wrote:

Hi--

On Oct 23, 2009, at 9:18 AM, Sean Cavanaugh wrote:

worse, it's illegal.


how is this illegal? if you are residing your domain on a hosting 
service, this makes sense to me. Granted its bad form and should have 
an A record to the host for the main domain record, but if i had 
control over "otherdomain.com" and not "example.com" and had to change 
the IP address, "example.com" would be dead until i was able to reach 
the owner of that domain and have them change their DNS info.


You aren't supposed to use CNAMES for anything found in other RR's; in 
particular, you should always use an A record with the hostnames used 
for nameservers (ie, have an NS record), because you are supposed to be 
using the canonical name rather than an alias.


Errr?  You mean the rule that NS and MX and SRV rdata must include an A record
rather than a CNAME?  That's true, but what does that have to do with web
serving? 


The illegality mentioned further upthread is that you can't use a CNAME at a 
zone apex because of the 'CNAME and other data rule'[*] -- as there's always 
got to be SOA and NS records at the zone apex, if you want a web page at 
'example.com' you'ld have to provide an A or  record for it.  Unless you're 
Verisign and have control over the nameservers for .com, this is almost 
certainly illegal:

example.com. IN CNAME www.example.com

On the other hand:

www.example.com. IN CNAME example.com.

is generally fine.


PS: It's odd where google pulls up references to fairly canonical
docs, sometimes.  I'm not sure I even recognize "ua", and I suspect I
deal with two-letter ISO 3166 country names more than most folks do.
Maybe Ukraine?  :-)


Of course it's Ukraine.  .uk was already taken, even though the two letter
iso-code for this country is officially .gb.  We're in an exclusive club of
two nations that generally don't use their official iso-code in the DNS.  No
prizes for guessing which the other one is.

Cheers,

Matthew

[*] Little known factoid, but there are two legal exceptions to the 'CNAME
and other data' rule.  You can have RRSIG or NSEC records at the same label
as CNAME -- see RFC 4035.  Obscure DNS trivia for 100, Alex...

--
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
 Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
 Kent, CT11 9PW



signature.asc
Description: OpenPGP digital signature

Re: DNS Question

[Chuck Swiger]

On Oct 23, 2009, at 10:31 AM, Matthew Seaman wrote:
You aren't supposed to use CNAMES for anything found in other RR's;  
in particular, you should always use an A record with the hostnames  
used for nameservers (ie, have an NS record), because you are  
supposed to be using the canonical name rather than an alias.


Errr?  You mean the rule that NS and MX and SRV rdata must include  
an A record
rather than a CNAME?  That's true, but what does that have to do  
with web

serving?


Consider the case of redirects involving cnames; you end up with a lot  
of extra DNS traffic.


The illegality mentioned further upthread is that you can't use a  
CNAME at a zone apex because of the 'CNAME and other data rule'[*]  
-- as there's always got to be SOA and NS records at the zone apex,  
if you want a web page at 'example.com' you'ld have to provide an A  
or  record for it.  Unless you're Verisign and have control over  
the nameservers for .com, this is almost certainly illegal:


example.com. IN CNAME www.example.com

On the other hand:

www.example.com. IN CNAME example.com.

is generally fine.


It's generally fine, sure, but almost never ideal.  You don't save  
traffic by using CNAMEs instead of A records



PS: It's odd where google pulls up references to fairly canonical
docs, sometimes.  I'm not sure I even recognize "ua", and I suspect I
deal with two-letter ISO 3166 country names more than most folks do.
Maybe Ukraine?  :-)


Of course it's Ukraine.  .uk was already taken, even though the two  
letter
iso-code for this country is officially .gb.  We're in an exclusive  
club of
two nations that generally don't use their official iso-code in the  
DNS.  No

prizes for guessing which the other one is.


Shucks, how can you pull in Jeopardy references and then deny giving  
out prizes?  Well, my guess would be ie, although people who speak  
Finnish and call their home "Suomi" might find "fi" odd, also



Cheers,

Matthew

[*] Little known factoid, but there are two legal exceptions to the  
'CNAME
and other data' rule.  You can have RRSIG or NSEC records at the  
same label

as CNAME -- see RFC 4035.  Obscure DNS trivia for 100, Alex...


Regards,
--
-Chuck

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS Question

[xSAPPYx]

Also, MX needs to resolve to an A, not a CNAME.. If you are using mail
on all these domains, use A records

On Fri, Oct 23, 2009 at 10:19 AM, Sean Cavanaugh
 wrote:
>
>> >how is this illegal?
>>
>> CNAME rule:
>>
>> a node with a CNAME cannot contain any other records.
>>
>> for the node domain.tld:
>>
>> domain.tld. soa ...
>> domain.tld. ns ...
>> domain.tld. cname otherdomain.tld.
>>
>> this node has a CNAME and "other data", so it's illegal, no matter what you 
>> want to do, or what makes sense to you, or what is convenient for you.
>>
>
>
>
>
>
>
> ah yes, forgot about that. you are correct on that line.
>
>
>
> -Sean
>                                          
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS Question

[RW]

On Fri, 23 Oct 2009 10:33:07 -0700
xSAPPYx  wrote:

> Also, MX needs to resolve to an A, not a CNAME.. If you are using mail
> on all these domains, use A records


You can use the domains for mail provided that that they share MX
servers, if example.com has a CNAME pointing to example.net then mail
to example.com will use the mx servers for example.net.

What you shouldn't do is mix the CNAME with separate  MX records
because it creates an ambiguity.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS Question

[DAve]

Chuck Swiger wrote:

On Oct 23, 2009, at 10:31 AM, Matthew Seaman wrote:
You aren't supposed to use CNAMES for anything found in other RR's; 
in particular, you should always use an A record with the hostnames 
used for nameservers (ie, have an NS record), because you are 
supposed to be using the canonical name rather than an alias.


Errr?  You mean the rule that NS and MX and SRV rdata must include an 
A record

rather than a CNAME?  That's true, but what does that have to do with web
serving?


Consider the case of redirects involving cnames; you end up with a lot 
of extra DNS traffic.


The illegality mentioned further upthread is that you can't use a 
CNAME at a zone apex because of the 'CNAME and other data rule'[*] -- 
as there's always got to be SOA and NS records at the zone apex, if 
you want a web page at 'example.com' you'ld have to provide an A or 
 record for it.  Unless you're Verisign and have control over the 
nameservers for .com, this is almost certainly illegal:


example.com. IN CNAME www.example.com

On the other hand:

www.example.com. IN CNAME example.com.

is generally fine.


It's generally fine, sure, but almost never ideal.  You don't save 
traffic by using CNAMEs instead of A records



PS: It's odd where google pulls up references to fairly canonical
docs, sometimes.  I'm not sure I even recognize "ua", and I suspect I
deal with two-letter ISO 3166 country names more than most folks do.
Maybe Ukraine?  :-)


Of course it's Ukraine.  .uk was already taken, even though the two 
letter
iso-code for this country is officially .gb.  We're in an exclusive 
club of
two nations that generally don't use their official iso-code in the 
DNS.  No

prizes for guessing which the other one is.


Shucks, how can you pull in Jeopardy references and then deny giving out 
prizes?  Well, my guess would be ie, although people who speak Finnish 
and call their home "Suomi" might find "fi" odd, also



Cheers,

Matthew

[*] Little known factoid, but there are two legal exceptions to the 
'CNAME
and other data' rule.  You can have RRSIG or NSEC records at the same 
label

as CNAME -- see RFC 4035.  Obscure DNS trivia for 100, Alex...


Regards,



Just so everyone knows, having a domain with a CNAME at the top will 
hose your mail traffic. We tried it, and some servers delivered fine, 
others did not. Checking with dig +trace, and dns stuff, showed the 
problem. Just trying to get a MX record for mainstreetfin.com would fail.


The record we had was,
mainstreetfin.com CNAME website.elliemae.com

And the problem is shown below.

---
DNS Lookup: mainstreetfin.com MX record

Searching for mainstreetfin.com MX record at a.root-servers.net 
[198.41.0.4]: Got referral to M.GTLD-SERVERS.NET. (zone: com.) [took 39 ms]


Searching for mainstreetfin.com MX record at M.GTLD-SERVERS.NET. 
[192.55.83.30]: Got referral to ns2auth.tls.net. (zone: 
mainstreetfin.com.) [took 11 ms]


Searching for mainstreetfin.com MX record at ns2auth.tls.net. 
[65.123.104.30]: Got CNAME of website.elliemae.com. and referral to 
k.root-servers.net [took 36 ms]


Searching for website.elliemae.com MX record at g.root-servers.net 
[192.112.36.4]: Got referral to I.GTLD-SERVERS.NET. (zone: com.) [took 
143 ms]


Searching for website.elliemae.com MX record at I.GTLD-SERVERS.NET. 
[192.43.172.30]: Got referral to ns2.elliemae.net. (zone: elliemae.com.) 
[took 63 ms]


Searching for website.elliemae.com MX record at ns2.elliemae.net. 
[63.241.88.21]: Timed out. Trying again.


Searching for website.elliemae.com MX record at ns2.elliemae.net. 
[63.241.88.21]: Timed out. Trying again.


Searching for website.elliemae.com MX record at ns1.elliemae.net. 
[216.35.165.21]: Reports that no MX records exist. [took 46 ms]


Response:
No MX records exist for website.elliemae.com. [Neg TTL=300 seconds]

Details:
ns1.elliemae.net. (an authoritative nameserver for elliemae.com.) says 
that there are no MX records for website.elliemae.com.
The E-mail address in charge of the elliemae.com. zone is: 
hostmas...@elliemae.com.


NOTE: One or more CNAMEs were encountered. mainstreetfin.com is really 
website.elliemae.com.




So some mail servers never asked our authoritative servers what the MX 
record was. Interesting.


DAve

--
"Posterity, you will know how much it cost the present generation to
preserve your freedom.  I hope you will make good use of it.  If you
do not, I shall repent in heaven that ever I took half the pains to
preserve it." John Quincy Adams

http://appleseedinfo.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: dns woes

[Tim Judd]

Replies interspersed



On Tue, 2009-03-17 at 14:15 -0400, David Banning wrote:
> I have had my dns server working fine in the past but now it seems
> to be down and I can't locate the reason.
> 
> Here are some details;
> 
> # dig @127.0.0.1 mylocaldomain.com 

Is this a real registered .com or some local (to your subnet) domain
name?

> works, but 
> 
> # dig @ns1.3s1.com mylocaldomain.com
> 

Same question.


> does not.
> 
> I have all IP addresses listed in named.conf;
> 
> listen-on   {
> 192.168.1.1;
> 209.161.205.12;
> 127.0.0.1;
> };
> 
> 
> I also note that 
> 
> $ telnet ns1.3s1.com 53

DNS' primary protocol is UDP, telnet uses TCP.  Some DNS servers listen
to TCP, however it is not required (the whole point in DNS over TCP are
for packets that won't fit in one UDP packet, such as a zone transfer).

> 
> show port 53 as closed, while
> 
> $ telnet 127.0.0.1 53
> 

See above.

> shows it as open
> 
> The other strange thing is that I get the startup error;
> 
> zone 0.0.127.IN-ADDR.ARPA/IN: loading master file master/localhost.rev: file 
> not found
> 
> when in fact /etc/namedb/master/localhost.rev -does- exist.

named is chrooted by default.
realpath /etc/namedb/master/localhost.rev !=
/var/named/etc/namedb/master/localhost.rev  (the realpath of the
chrooted named binary that is looking for that file).

> 
> 
> any pointers would be helpful

See above.  -> -> -> ->

> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS Resolution

[Gary Gatten]

I ran into a similar situation where the ns was behind a Juniper SRX doing NAT. 
Said Juniper had a "smart" DNS piece (ALG) that does special stuff on DNS 
packets; max record length, special NAT, etc.  I had to disable the DNS ALG to 
fix the "problem".

If your ns is behind a NATing device, start there.  Or, if you can run tcpdump 
on the ns, or before it hits a fw/NAT - ensure the reply packets have the 
"proper" IP in them as they leave the ns.

- Original Message -
From: owner-freebsd-questi...@freebsd.org 
To: freebsd-questions@freebsd.org 
Sent: Fri Nov 19 18:50:33 2010
Subject: DNS Resolution

I have a weird DNS problem I am hoping someone can help me with.

I have server running FBSD 8.0.  /etc/resolv.conf is set to use my ISP's DNS 
servers for name resolution.

If run dig @ns3.socket.net .yyy. the INTERNAL ip address of the server 
is returned.  

If I run d...@ns3.socket.net .yyy. axfr, the correct information for 
the entire zone is returned.  I am only noticing problems with .yyy..  
All other names seem to resolve correctly.

Any suggestions would be greatly appreciated.

Thanks,



Jay

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"








"This email is intended to be reviewed by only the intended recipient
 and may contain information that is privileged and/or confidential.
 If you are not the intended recipient, you are hereby notified that
 any review, use, dissemination, disclosure or copying of this email
 and its attachments, if any, is strictly prohibited.  If you have
 received this email in error, please immediately notify the sender by
 return email and delete this email from your system."


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS Resolution

[Jay Hall]

On Friday, November 19, 2010 07:25:10 pm Gary Gatten wrote:
> I ran into a similar situation where the ns was behind a Juniper SRX doing
> NAT. Said Juniper had a "smart" DNS piece (ALG) that does special stuff on
> DNS packets; max record length, special NAT, etc.  I had to disable the
> DNS ALG to fix the "problem".
> 
> If your ns is behind a NATing device, start there.  Or, if you can run
> tcpdump on the ns, or before it hits a fw/NAT - ensure the reply packets
> have the "proper" IP in them as they leave the ns.

Thanks for the quick response.  I think this is a problem with a piece of 
equipment I do not have access to.  The only difference between the site 
experiencing the problem and the other sites I maintain is the router.  If I 
redirect DNS queries to other sites, everything works as expected.

Thanks for your help.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DNS configuration

[Dick Hoogendijk]

On Thu, 15 Mar 2007 10:16:46 -1200
"neo neo" <[EMAIL PROTECTED]> wrote:

> but i don't know how to configure DNS . plz .. ?

Read the same handbook as adviced earlier. And for DNS the O'Reilly
book is great. DNS is no toy. It should be handled with great care. The
internet depends on it.

-- 
Dick Hoogendijk -- PGP/GnuPG key: F86289CE
++ http://nagual.nl/ | Solaris 10 11/06 ++
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS configuration

[Wojciech Puchar]

but i don't know how to configure DNS . plz .. ?


Read the same handbook as adviced earlier. And for DNS the O'Reilly
book is great. DNS is no toy. It should be handled with great care. The
internet depends on it.

exactly. it's quite easy to make domains not synchronize to slaves right 
etc. without being careful

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS configuration

[RW]

On Fri, 16 Mar 2007 10:56:31 +0100 (CET)
Wojciech Puchar <[EMAIL PROTECTED]> wrote:

> >
> >> but i don't know how to configure DNS . plz .. ?
> >
> > Read the same handbook as adviced earlier. And for DNS the O'Reilly
> > book is great. DNS is no toy. It should be handled with great care.
> > The internet depends on it.
> >
> exactly. it's quite easy to make domains not synchronize to slaves
> right etc. without being careful

Since he's at the  stage of setting an IP address and a default
route, I'd be pretty surprized if he's asking about Bind.

  
See the Handbook:  11.10.2.1 /etc/resolv.conf


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS configuration

[Jerry McAllister]

On Thu, Mar 15, 2007 at 10:16:46AM -1200, neo neo wrote:

> hi
> 
> For NAT ;
> 
> i already configure internal and external ip . And also finished gateway.
> 
> but i don't know how to configure DNS . plz .. ?

Will you be doing your own DNS or will that be done by your ISP?

> 
> by the way , " route add default xx.xx.xx.xx " is setting gateway .. is it
> right ?
> 
> very thankz... i am very happy for your support..
> 
> ZAW HTET AUNG
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Setting

[N.J. Mann]

On Tuesday,  2 January, 2007 at 13:22:15 +0330, Mohamad Babaei wrote:
> 
> I want to put my web server (ex. www.mysite.com) on a FreeBSD server and my
> mail server on another server (ex. mail.mysite.com), would you tell me how
> should i set my DNS setting & how my DNS files should look like ? where
> should i set my MX records ?

This is covered in Greg Lehey's excellent book "The Complete FreeBSD".
You can even download a copy (in PDF format) from his website.  For more
details see the email message he sends to this list *every* Friday
afternoon at about 5pm (UTC) with the subject line

  "The Complete FreeBSD": errata and addenda

If you are just starting out in FreeBSD you will find this book a great
source of information.


Cheers,
Nick.
-- 
Please do not CC me on replies, I read the list and don't need the dupes.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Setting

[Per olof Ljungmark]

Mohamad Babaei wrote:

Hi,

I want to put my web server (ex. www.mysite.com) on a FreeBSD server and my
mail server on another server (ex. mail.mysite.com), would you tell me how
should i set my DNS setting & how my DNS files should look like ? where
should i set my MX records ?


Maybe start here...?
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-dns.html
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Question

[Matthew Seaman]

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

国徽 wrote:
> Hello,
> 
> I am building the DNS Server,But I can't find the script
> "/etc/namedb/make-localhost" used in the document, So I can't go on
> now? Please tell me how to find the script,Thank you very much!> 
> 

Unfortunately the documentation is a bit out of date.  You no longer need
to run 'make-localhost' -- there are pre-built zone files for localhost, and
for 1.0.0.127.in-addr.arpa and the equivalent inverse domain for IPv6-ish
::1 that come with the system and which you can just use without further ado.

Cheers,

Matthew

- -- 
Dr Matthew J Seaman MA, D.Phil.   Flat 3
  7 Priory Courtyard
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
  Kent, CT11 9PW, UK
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.4 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHzsJT3jDkPpsZ+VYRA9/oAJwPFc7OhS/5rl2RAVhqKGRP0ii/8wCbBf+m
0HqFbp1sTRR/wadko9k5BRQ=
=ufcj
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Question

[David Alanis]

Hi Erik:

I don't recall the how-to explaining the usage of this script. I too,  
just recently setup a DNS server for a couple domains. My  
recommendation is to familiarize yourself with the Administrators  
Reference Manual (ARM) on BIND's website:


http://www.isc.org/index.pl?/sw/bind/arm93/

I found it more valuable than just following someone else's simple steps!

David Alanis

Quoting ?? <[EMAIL PROTECTED]>:


Hello,

I am building the DNS Server,But I can't find the script   
"/etc/namedb/make-localhost" used in the document, So I can't go on   
now? Please tell me how to find the script,Thank you very much!



Best Regards!

Freebsd Lover:Erik


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"






This message was sent using IMP, the Internet Messaging Program.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Problem

[Christer Hermansson]

Ruel Luchavez wrote:

when i resume it to its current configuration
"Obtain DBS server automatically" the problem is back, is this a problem in
my DNS server?
I'm using the FreeBSD 6.2 version...

I already restarted the DNS Server "/etc/rc.d/named restart" but nothing
happens the problem is still there..Is there any one here could help
me solve it?

  
I'm not sure but it seems that you are trying to use dhcp to receive the 
address of DNS-server.


Check the file /etc/resolv.conf ,this file should look like this:

nameserver 10.1.2.3
nameserver 10.4.5.6
nameserver 10.7.8.9

--

Christer Hermansson



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Problem

[Ruel Luchavez]

before i post here i already check the /etc/resolve.conf and this is what's
inside of it

domain name

On Fri, May 2, 2008 at 12:23 AM, Christer Hermansson <[EMAIL PROTECTED]>
wrote:

> Ruel Luchavez wrote:
>
> > when i resume it to its current configuration
> > "Obtain DBS server automatically" the problem is back, is this a problem
> > in
> > my DNS server?
> > I'm using the FreeBSD 6.2 version...
> >
> > I already restarted the DNS Server "/etc/rc.d/named restart" but nothing
> > happens the problem is still there..Is there any one here could help
> > me solve it?
> >
> >
> >
> I'm not sure but it seems that you are trying to use dhcp to receive the
> address of DNS-server.
>
> Check the file /etc/resolv.conf ,this file should look like this:
>
> nameserver 10.1.2.3
> nameserver 10.4.5.6
> nameserver 10.7.8.9
>
> --
>
> Christer Hermansson
>
>
>
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Problem

[Ruel Luchavez]

before i post here i already check the /etc/resolve.conf and this is what's
inside of it

domain name myplace.com.ph
name server   101.1.21.1
name server192.168.1.62

could it be my firewall blocking it? but i didn't change any configuration
from it..

Thanks in advance for your help..:(


>
> On Fri, May 2, 2008 at 12:23 AM, Christer Hermansson <
> [EMAIL PROTECTED]> wrote:
>
> > Ruel Luchavez wrote:
> >
> > > when i resume it to its current configuration
> > > "Obtain DBS server automatically" the problem is back, is this a
> > > problem in
> > > my DNS server?
> > > I'm using the FreeBSD 6.2 version...
> > >
> > > I already restarted the DNS Server "/etc/rc.d/named restart" but
> > > nothing
> > > happens the problem is still there..Is there any one here could help
> > > me solve it?
> > >
> > >
> > >
> > I'm not sure but it seems that you are trying to use dhcp to receive the
> > address of DNS-server.
> >
> > Check the file /etc/resolv.conf ,this file should look like this:
> >
> > nameserver 10.1.2.3
> > nameserver 10.4.5.6
> > nameserver 10.7.8.9
> >
> > --
> >
> > Christer Hermansson
> >
> >
> >
> >
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Problem

[D Hill]

On Fri, 2 May 2008 at 09:36 +0800, [EMAIL PROTECTED] confabulated:


before i post here i already check the /etc/resolve.conf and this is what's
inside of it

domain name myplace.com.ph
name server   101.1.21.1
name server192.168.1.62


According to the resolver(5) documentation, it should look like this:

  domain myplace.com.ph
  nameserver 101.1.21.1
  nameserver 192.168.1.62


could it be my firewall blocking it? but i didn't change any configuration
from it..

Thanks in advance for your help..:(




On Fri, May 2, 2008 at 12:23 AM, Christer Hermansson <
[EMAIL PROTECTED]> wrote:


Ruel Luchavez wrote:


when i resume it to its current configuration
"Obtain DBS server automatically" the problem is back, is this a
problem in
my DNS server?
I'm using the FreeBSD 6.2 version...

I already restarted the DNS Server "/etc/rc.d/named restart" but
nothing
happens the problem is still there..Is there any one here could help
me solve it?




I'm not sure but it seems that you are trying to use dhcp to receive the
address of DNS-server.

Check the file /etc/resolv.conf ,this file should look like this:

nameserver 10.1.2.3
nameserver 10.4.5.6
nameserver 10.7.8.9

--

Christer Hermansson







___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Problem

[Ruel Luchavez]

Ok..I have follow your post D Hill, but it doesn't solve the problem

Please HELP...

Thanks..:(

On Fri, May 2, 2008 at 9:45 AM, D Hill <[EMAIL PROTECTED]> wrote:

> On Fri, 2 May 2008 at 09:36 +0800, [EMAIL PROTECTED] confabulated:
>
>  before i post here i already check the /etc/resolve.conf and this is
> > what's
> > inside of it
> >
> > domain name myplace.com.ph
> > name server   101.1.21.1
> > name server192.168.1.62
> >
>
> According to the resolver(5) documentation, it should look like this:
>
>  domain myplace.com.ph
>  nameserver 101.1.21.1
>  nameserver 192.168.1.62
>
>  could it be my firewall blocking it? but i didn't change any
> > configuration
> > from it..
> >
> > Thanks in advance for your help..:(
> >
> >
> >
> > > On Fri, May 2, 2008 at 12:23 AM, Christer Hermansson <
> > > [EMAIL PROTECTED]> wrote:
> > >
> > >  Ruel Luchavez wrote:
> > > >
> > > >  when i resume it to its current configuration
> > > > > "Obtain DBS server automatically" the problem is back, is this a
> > > > > problem in
> > > > > my DNS server?
> > > > > I'm using the FreeBSD 6.2 version...
> > > > >
> > > > > I already restarted the DNS Server "/etc/rc.d/named restart" but
> > > > > nothing
> > > > > happens the problem is still there..Is there any one here could
> > > > > help
> > > > > me solve it?
> > > > >
> > > > >
> > > > >
> > > > >  I'm not sure but it seems that you are trying to use dhcp to
> > > > receive the
> > > > address of DNS-server.
> > > >
> > > > Check the file /etc/resolv.conf ,this file should look like this:
> > > >
> > > > nameserver 10.1.2.3
> > > > nameserver 10.4.5.6
> > > > nameserver 10.7.8.9
> > > >
> > > > --
> > > >
> > > > Christer Hermansson
> > > >
> > > >
> > > >
> > > >
> > > >
> > >  ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "
> > [EMAIL PROTECTED]"
> >
> >
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Problem

[Jonathan Chen]

On Fri, May 02, 2008 at 09:36:51AM +0800, Ruel Luchavez wrote:
> before i post here i already check the /etc/resolve.conf and this is what's
> inside of it
> 
> domain name myplace.com.ph
> name server   101.1.21.1
> name server192.168.1.62
> 

The problems with what you've just posted are:

1. the file is /etc/resolv.conf, not /etc/resolve.conf
2. your contents are wrong, they should look like:
domain myplace.com.ph
nameserver 101.1.21.1
nameserver 192.168.1.62

-- 
Jonathan Chen <[EMAIL PROTECTED]>
--
  "The things we know best are the things we haven't been taught."
 - Marquis de Vauvenargues
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS Problem

[D Hill]

On Fri, 2 May 2008 at 15:35 +1200, [EMAIL PROTECTED] confabulated:


On Fri, May 02, 2008 at 09:36:51AM +0800, Ruel Luchavez wrote:

before i post here i already check the /etc/resolve.conf and this is what's
inside of it

domain name myplace.com.ph
name server   101.1.21.1
name server192.168.1.62



The problems with what you've just posted are:

   1. the file is /etc/resolv.conf, not /etc/resolve.conf


Ha! I didn't catch the misspelling of resolv.conf. :-(


   2. your contents are wrong, they should look like:
   domain myplace.com.ph
   nameserver 101.1.21.1
   nameserver 192.168.1.62

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS troubles

[Giorgos Keramidas]

On Mon, 21 Jul 2008 21:30:56 -0400, Jim <[EMAIL PROTECTED]> wrote:
> I'm trying to get a machine working, but it can't seem to handle DNS
> requests. I've just done a 7.0 install (from CD, usually I use net,
> but it wasn't connecting to anything, now I know why).
>
> I have a machine with two built in NICs on the motheroboard, one using
> nfe the other using bge. When I try to connect to anything, I get a
> "cannot resolve host error". Both are set up to be static,
> 192.168.1.84, and bge is 192.168.1.86. I have tried both "192.168.1.1"
> (the router, which points to the ISPs DNS) and "4.2.2.1" in the
> /etc/resolve.conf file, each separately, not both at once. The machine
> can ping both of these addresses and gets a decent to rapid return
> time (~.3ms for the former, <20ms for the latter) Neither works on
> this machine. Both work on the other FreeBSD and Windows machines in
> the house. I have the machine set to dual boot, and DNS works fine
> under Windows.

I hope you didn't create a "resolve.conf" file, because it is called
"resolv.conf" without a final "e", i.e.:

[EMAIL PROTECTED]:/root# ls -ld /etc/resol*
-rw-r--r--  1 root  wheel  - 35 Jul 22 01:36 /etc/resolv.conf
[EMAIL PROTECTED]:/root#

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: DNS troubles

[Patrick Mahan]

Jim presented these words - circa 7/21/08 6:30 PM->

I'm trying to get a machine working, but it can't seem to handle DNS
requests. I've just done a 7.0 install (from CD, usually I use net,
but it wasn't connecting to anything, now I know why).

I have a machine with two built in NICs on the motheroboard, one using
nfe the other using bge. When I try to connect to anything, I get a
"cannot resolve host error". Both are set up to be static,
192.168.1.84, and bge is 192.168.1.86. I have tried both "192.168.1.1"
(the router, which points to the ISPs DNS) and "4.2.2.1" in the
/etc/resolve.conf file, each separately, not both at once. The machine
can ping both of these addresses and gets a decent to rapid return
time (~.3ms for the former, <20ms for the latter) Neither works on
this machine. Both work on the other FreeBSD and Windows machines in
the house. I have the machine set to dual boot, and DNS works fine
under Windows.

I tried DHCP without an luck. The previous install on this machine just worked.

What I *SUSPECT* is the biggest clue (my guess, check an rc.d file, which?)
During boot up, after showing the network interfaces, until showing
the login prompt, the terminal gets spammed with "b: not found".

Up to this point:
-> I installed it once with a boot only CD and it worked fine, but
being absent minded, I reinstalled thinking it would be the
quickest/easiest way to fix an issue, and the install I had wasn't
really 'set-up' yet.
-> The DNS checker (bind?) wasn't working properly during the first
reinstall. Sadly, I found this out after reformatting the partitions.
-> I re-burned the CD with CD1 (not boot only), and tried again - DNS
still didn't work.
-> I installed from CD.

Process for current install:
-> I installed i386/7.0 from Install Disk 1, minimal install + dict,
man, info and doc
-> I set the root password during the install
-> I updated the /etc/ssh* files to the files from my old system (I
can ssh into the computer fine)
-> I copied over the rc.conf and modified the NIC and startup entries
(see below)
-> I added if_tap_load="YES" to /boot/loader.conf (this was AFTER the
DNS issues had started)
-> set the values in /etc/resolve.conf
-> I copied /etc/supfile-ports and /etc/supfile-src from the old
install. These are pretty boring supfiles for ports and src
respectively.
-> I added my non-root account (so I could ssh in)

That's it.

Any ideas? My suspicion is that my next step will be 'rebuild bind
from within /usr/src wherever it resides in there'. However, since it
wasn't working during install or now, I suspect that won't be enough.



Why do you think 'bind' is the problem?  You are not using bind, you are
using the DNS resolver (which is the client side of Bind).  Can you reach
each of the nodes listed in resolv.conf?  via ping?  via traceroute?

Have you tried to issue a 'dig 4.2.2.1 name' to see if you can reach the
DNS server?

I would first ensure that you have basic network connectivity, once that
is confirmed, that you have access to the DNS servers.

But your problem is not locally with Bind.

Patrick Mahan
ex-Window Washer


Thanks,
-Jim Stapleton

/etc/resolve.conf

domain  var-dev.net
nameserver  4.2.2.1
nameserver  4.2.2.2
nameserver  4.2.2.3


/etc/rc.conf

hostname="elrond.var-dev.net"
ifconfig_bge0="inet 192.168.1.86 netmask 255.255.255.0"
#ifconfig_re0_alias0="192.168.1.85 netmask 255.255.255.255"
defaultrouter="192.168.1.1"

#for QEmu
ifconfig_nfe0="up polling"
autobridge_interfaces="bridge0"
autobridge_bridge0="tap0 nfe0"
cloned_interfaces="bridge0"
# the bridge gets the IP
#ifconfig_bridge0="inet 10.10.10.2 netmask 255.255.255.0"
ifconfig_bridge0="inet 192.168.1.84 netmask 255.255.255.0"
ifconfig_bridge0_alias0="192.168.1.85 netmask 255.255.255.0"

sshd_enable="YES"
usbd_enable="YES"
linux_enable="YES"
#ntpdate_enable="YES"
ntpd_enable="YES"
#cupsd_enable="YES"
#moused_enable="YES"

#for beryl and hardware autodetect stuff
#compat5_enable="YES"
#dbus_enable="YES"
#polkitd_enable="YES"
#hald_enable="YES"
#gdm_enable="YES"
bsdstats_enable="YES"

# -- sysinstall generated deltas -- # Tue Mar 25 08:22:19 2008
keymap="us.iso"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"