Re: [tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-11 Thread Green barretz

On 5/11/07, Green barretz <[EMAIL PROTECTED]> wrote:

Don't forget to change the ownership of the zone file:
#chown -R named.named nama_file.zone

because if it is created by the root user, then when it is saved the file is
owned by the root user



On 5/10/07,  A. Yahya <[EMAIL PROTECTED]> wrote:
>  On 5/10/07, Gatot Setiawan <[EMAIL PROTECTED]> wrote:
> > But when I tried not linking to /var/named/chroot/ I always got zone not
> > found. Could you explain it in detail?
> >
> If you use bind with chroot [bind-chroot], all of the configuration
> files and data are stored in /var/named/chroot.
> cd /var/named
> ls
> chroot  localdomain.zone  named.broadcast  named.ip6.local  named.zero
> data    localhost.zone    named.ca         named.local      slaves
> cd chroot
> ls
> dev  etc  proc  var
>
> Yaya
>




--
Mailing list FAQ at http://wiki.linux.or.id/FAQ_milis_tanya-jawab
Unsubscribe: send an email to [EMAIL PROTECTED]
Archive and full mailing list info at http://linux.or.id/milis
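
The ownership advice in the message above, together with the bind-chroot layout quoted in it, can be checked mechanically. The script below is an added example, not part of the thread or of BIND; the function name check_zone_files, its arguments and its output format are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the zone files a chrooted named will try to load.
# check_zone_files and its output format are assumptions for illustration.
#
# check_zone_files CHROOT ZONES_CONF ZONE_DIR OWNER_UID
#   CHROOT      chroot root on the host, e.g. /var/named/chroot
#   ZONES_CONF  zone list as named sees it, e.g. /etc/named.internal.zones
#   ZONE_DIR    the "directory" option as named sees it, e.g. /var/named
#   OWNER_UID   numeric uid that should own the files, e.g. $(id -u named)
# Prints "STATUS path" per file directive; returns 1 if any is not OK.
# Line-based parse: skips // and # comment lines, not /* ... */ blocks.
check_zone_files() {
    chroot_dir=$1 conf=$2 zone_dir=$3 owner_uid=$4 rc=0
    names=$(grep -Ev '^[[:space:]]*(//|#)' "$chroot_dir$conf" |
            sed -n 's/.*file[[:space:]]*"\([^"]*\)".*/\1/p')
    for name in $names; do
        case $name in
            /*) inside=$name ;;              # absolute path inside the chroot
            *)  inside=$zone_dir/$name ;;    # relative to "directory"
        esac
        real=$chroot_dir$inside
        if [ -L "$real" ]; then
            target=$(readlink "$real")
            # named resolves an absolute link target inside the chroot, so
            # a link that points at the host's /var/named dangles for it.
            case $target in
                /*) real=$chroot_dir$target ;;
                *)  real=$(dirname "$real")/$target ;;
            esac
        fi
        if [ ! -f "$real" ]; then
            echo "MISSING $inside"; rc=1
        elif [ -z "$(find "$real" -prune -user "$owner_uid")" ]; then
            echo "WRONG_OWNER $inside"; rc=1
        else
            echo "OK $inside"
        fi
    done
    return $rc
}
```

With the paths from this thread it would be called as check_zone_files /var/named/chroot /etc/named.internal.zones /var/named "$(id -u named)".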



Re: [tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-10 Thread ibunk
Try starting the named service!!! Then at the same time watch the log with tail -f
/var/log/messages; are there any errors??

Re: [tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-10 Thread Gatot Setiawan
I have already put the zone files in /var/named/chroot/var/named/ and
the conf and resolve files in /var/named/chroot/etc/, but it still
does not work, and every time I run nslookup -sil namadomain I always
get connection time out server not found. Here is the named.conf
configuration:


options
{
   /* make named use port 53 for the source of all queries, to allow
    * firewalls to block all ports except 53:
    */
   query-source port 53;
   query-source-v6 port 53;

   // Put files that named is allowed to write in the data/ directory:
   directory "/var/named"; // the default
   dump-file "data/cache_dump.db";
   statistics-file "data/named_stats.txt";
   memstatistics-file "data/named_mem_stats.txt";

};
logging
{
   /*  If you want to enable debugging, eg. using the 'rndc trace' command,
    *  named will try to write the 'named.run' file in the $directory (/var/named).
    *  By default, SELinux policy does not allow named to modify the /var/named directory,
    *  so put the default debug log file in data/ :
    */
   channel default_debug {
      file "data/named.run";
      severity dynamic;
   };
};

view "localhost_resolver"
{
   /* This view sets up named to be a localhost resolver ( caching only nameserver ).
    * If all you want is a caching-only nameserver, then you need only define this view:
    */
   match-clients { localhost; };
   match-destinations { localhost; };
   recursion yes;
   # all views must contain the root hints zone:
   include "/etc/named.root.hints";

   /* these are zones that contain definitions for all the localhost
    * names and addresses, as recommended in RFC1912 - these names should
    * ONLY be served to localhost clients:
    */
   include "/etc/named.rfc1912.zones";

   /*
    * Internal zone
    */
   include "/etc/named.internal.zones";
};

view "internal"
{
   /* This view will contain zones you want to serve only to "internal" clients
      that connect via your directly attached LAN interfaces - "localnets" .
    */
   match-clients { localnets; };
   match-destinations { localnets; };
   recursion yes;
   // all views must contain the root hints zone:
   include "/etc/named.root.hints";

   // include "named.rfc1912.zones";
   // you should not serve your rfc1912 names to non-localhost clients.

   // These are your "authoritative" internal zones, and would probably
   // also be included in the "localhost_resolver" view above :

   //zone "my.internal.zone" {
   //type master;
   //file "my.internal.zone.db";
   //};
   //zone "my.slave.internal.zone" {
   //type slave;
   //file "slaves/my.slave.internal.zone.db";
   //masters { /* put master nameserver IPs here */ 127.0.0.1; } ;
   //// put slave zones in the slaves/ directory so named can update them
   //};
   //zone "my.ddns.internal.zone" {
   //type master;
   ///allow-update { key ddns_key; };
   //file "slaves/my.ddns.internal.zone.db";
   //// put dynamically updateable zones in the slaves/ directory so named can update them
   //};
};

key ddns_key
{
   algorithm hmac-md5;
   secret "lcvlBzGB2x7kM6ve8ttW0TtOWoc0RZOeKVTzS911nNN6DknY967TZ7obuiz7";
   //secret "use /usr/sbin/dns-keygen to generate TSIG keys";
};
view "external"
{
   /* This view will contain zones you want to serve only to "external" clients
    * that have addresses that are not on your directly attached LAN interface subnets:
    */
   match-clients { !localnets; !localhost; };
   match-destinations { !localnets; !localhost; };

   recursion no;
   // you'd probably want to deny recursion to external clients, so you don't
   // end up providing free DNS service to all takers

   // all views must contain the root hints zone:
   include "/etc/named.root.hints";

   // These are your "authoritative" external zones, and would probably
   // contain entries for just your web and mail servers:

   //zone "my.external.zone" {
   //type master;
   //file "my.external.zone.db";
   //};
};

and here is the named.internal.zones configuration:

zone "sukma.net" IN {
   type master;
   file "db.sukma";
   allow-update { none; };
};

zone "10.168.192.in-addr.arpa" IN {
   type master;
   file "db.192.168";
   allow-update { none; };
};

and here are the db.sukma and db.192.168 configurations
## db.sukma
$TTL 86400
@       IN SOA  ns.sukma.net info.sukma.net (
        070501 ; serial (d. adams)
        3H ; refresh
        15M ; retry
        1W ; expiry
        1D ) ; minimum

        IN NS   ns.sukma.net.
        IN A    192.168.10.5
ns      IN A    192.168.10.5
www     IN CNAME ns

##db.192.168
$TTL 86400
@       IN SOA  ns.sukma.net. info.sukma.net. (
        070509 ; Serial
        288

Re: [tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-09 Thread A. Yahya

On 5/10/07, Gatot Setiawan <[EMAIL PROTECTED]> wrote:

But when I tried not linking to /var/named/chroot/ I always got zone not
found. Could you explain it in detail?


If you use bind with chroot [bind-chroot], all of the configuration
files and data are stored in /var/named/chroot.
cd /var/named
ls
chroot  localdomain.zone  named.broadcast  named.ip6.local  named.zero
data    localhost.zone    named.ca         named.local      slaves
cd chroot
ls
dev  etc  proc  var

Yaya




Re: [tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-09 Thread Gatot Setiawan
But when I tried not linking to /var/named/chroot/ I always got zone not
found. Could you explain it in detail?


Thank you

A. Yahya wrote:

On 5/10/07, Gatot Setiawan <[EMAIL PROTECTED]> wrote:

BIND is using chroot, and I have already ln -s'ed everything for the zone and

There is no need to link [ln -s] again, because by default it is already
linked to /var/named/chroot.


config. The permission denied occurs at the internal zone file I created;
for lo it already works when I try it, but when I add the internal zone I get
permission denied and connection time out.


...
Just try updating the bind packages.
rpm -qa | grep bind
bind-utils-9.3.4-4.fc6
bind-chroot-9.3.4-4.fc6
bind-libs-9.3.4-4.fc6
bind-9.3.4-4.fc6


Why is that? Or do you have an example configuration of the .conf and the
zone files that uses chroot?


Although it is not specific to bind-chroot, maybe this link can
shed a little light.
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch18_:_Configuring_DNS 



Yaya







Re: [tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-09 Thread A. Yahya

On 5/10/07, Gatot Setiawan <[EMAIL PROTECTED]> wrote:

BIND is using chroot, and I have already ln -s'ed everything for the zone and

There is no need to link [ln -s] again, because by default it is already
linked to /var/named/chroot.


config. The permission denied occurs at the internal zone file I created;
for lo it already works when I try it, but when I add the internal zone I get
permission denied and connection time out.


...
Just try updating the bind packages.
rpm -qa | grep bind
bind-utils-9.3.4-4.fc6
bind-chroot-9.3.4-4.fc6
bind-libs-9.3.4-4.fc6
bind-9.3.4-4.fc6


Why is that? Or do you have an example configuration of the .conf and the
zone files that uses chroot?


Although it is not specific to bind-chroot, maybe this link can
shed a little light.
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch18_:_Configuring_DNS

Yaya




[tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-09 Thread Gatot Setiawan

Dear All,

I would like to ask about setting up DNS BIND on Fedora Core 6 from
start to finish using chroot, because whenever I try I always get
permission denied, and once service named restart was OK, and when I try
nslookup -sil I always get connection time out; server not found.


Maybe some of you can help with the configuration.

Thk
Gatot




Re: [tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-09 Thread Gatot Setiawan
BIND is using chroot, and I have already ln -s'ed everything for the zone and
config. The permission denied occurs at the internal zone file I created;
for lo it already works when I try it, but when I add the internal zone I get
permission denied and connection time out.


Why is that? Or do you have an example configuration of the .conf and the
zone files that uses chroot?


Thank you

ibunk wrote:

Is BIND using chroot or not... where does the permission denied occur?? Just
paste the config... we'll analyze it together later, hehehe


Dear All,

I would like to ask about setting up DNS BIND on Fedora Core 6 from
start to finish, because whenever I try I always get permission denied, and
once service named restart was OK, and when I try nslookup -sil I always get
connection time out; server not found.
Maybe some of you can help with the configuration.

Thk
Gatot







Regards
Bungaran Eka Suryadi
DIGITAL KREASI
Jalan Jend. A. Yani - Kompleks Villa Azhar Block C11, 16 Ulu Palembang,
30265 - Indonesia
Telp. +62-711-7383000, +62-711-520115
Mobile +62-819-27758397
Fax.  +62-711-520115



  






Re: [tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-09 Thread ibunk
Is BIND using chroot or not... where does the permission denied occur?? Just
paste the config... we'll analyze it together later, hehehe
> Dear All,
>
> I would like to ask about setting up DNS BIND on Fedora Core 6 from
> start to finish, because whenever I try I always get permission denied, and
> once service named restart was OK, and when I try nslookup -sil I always get
> connection time out; server not found.
> Maybe some of you can help with the configuration.
>
> Thk
> Gatot
>


Regards
Bungaran Eka Suryadi
DIGITAL KREASI
Jalan Jend. A. Yani - Kompleks Villa Azhar Block C11, 16 Ulu Palembang,
30265 - Indonesia
Telp. +62-711-7383000, +62-711-520115
Mobile +62-819-27758397
Fax.  +62-711-520115






[tanya-jawab] SETTING DNS BIND FEDORA 6

2007-05-09 Thread Gatot Setiawan

Dear All,

I would like to ask about setting up DNS BIND on Fedora Core 6 from
start to finish, because whenever I try I always get permission denied, and
once service named restart was OK, and when I try nslookup -sil I always get
connection time out; server not found.

Maybe some of you can help with the configuration.

Thk
Gatot
