> Commands
[root@treebeard ~]# service named stop Stopping named: [ OK ] [root@treebeard ~]# service named start Starting named: [ OK ] [root@treebeard ~]# service named restart Stopping named: [ OK ] Starting named: [ OK ] [root@treebeard ~]# named-checkconf [root@treebeard ~]# rndc flush [root@treebeard ~]# rndc reload server reload successful [root@treebeard ~]# rndc dumpdb [root@treebeard ~]# ls -l /var/named/dump/named_dump.db -rw-r--r-- 1 named named 286 Nov 30 12:35 /var/named/dump/named_dump.db [root@treebeard ~]# date Mon Nov 30 12:35:47 PST 2009 [root@treebeard ~]#
> Firewall Settings
[root@treebeard ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.3.5 on Tue Nov 3 09:53:04 2009
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [1:70]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Tue Nov 3 09:53:04 2009
# Generated by iptables-save v1.3.5 on Tue Nov 3 09:53:04 2009
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [664:72586]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 69 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue Nov 3 09:53:04 2009
[root@treebeard ~]#
> Configuration Files
[root@treebeard ~]# cat /etc/var/named cat: /etc/var/named: No such file or directory [root@treebeard ~]# cat /etc/named.conf options { directory "/var/named"; dump-file "dump/named_dump.db"; /* * If there is a firewall between you and nameservers you want * to talk to, you might need to uncomment the query-source * directive below. Previous versions of BIND always asked * questions using port 53, but BIND 8.1 uses an unprivileged * port by default. */ // query-source address * port 53; }; // // a caching only nameserver config // controls { inet 127.0.0.1 allow { localhost; } keys { rndckey; }; }; zone "." IN { type hint; file "named.ca"; }; zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; }; zone "0.0.127.in-addr.arpa" IN { type master; file "named.local"; allow-update { none; }; }; zone "tarchari" IN { type master; file "db.tarchari"; allow-update { none; }; }; zone "10.10.10.in-addr.arpa" IN { type master; file "db.10.10.10"; allow-update { none; }; }; // A key file needs to be referenced for use by rndc include "/etc/rndc.key"; [root@treebeard ~]# cat /var/named/db.tarchari $TTL 3D ; Tarchari Zone Definition ;Start of Authority record tarchari. IN SOA treebeard.tarchari. root.tarchari. ( 2009120600 ; serial number 5M ; refresh rate 1M ; retry 2D ; expire 1D) ; minimum ;Name Server Records IN NS treebeard.tarchari. ;Address Records localhost IN A 127.0.0.1 treebeard IN A 10.10.10.1 ;CNAME records [root@treebeard ~]# cat /var/named/db.10.10.10 $TTL 3D ;10.10.10.* Reverse Zone Definition ;Start of Authority recored 10.10.10.in-addr.arpa. IN SOA treebeard.tarchari. root.tarchari. ( 2010120600 ; Serial 5M ; Refresh 1M ; Retry 2D ; Expire 1D) ; Minimum ;Name Server Records 10.10.10.in-addr.arpa. IN NS treebeard.tarchari. [root@treebeard ~]#