Red Hat Linux 7.2: The Official Red Hat Linux Reference Guide
Chapter 14. Berkeley Internet Name Domain (BIND)
Beginners commonly make mistakes when editing BIND configuration files or run into initial difficulties using named. Be sure to avoid the following problems:
Make sure you increment the serial number when editing a zone file.
If the serial number is not incremented, your master nameserver may have the correct, new information, but your slave nameservers will never be notified of the change or attempt to refresh their data of that zone. After all, their serial number will match the one on the master nameserver, even though their data for the zone is completely different than what is on the master.
Be careful to use braces ({ }) and semi-colons correctly in the /etc/named.conf file.
An omitted semi-colon or an unclosed brace section will cause named to refuse to start.
Remember to place dots (.) in zone files after all FQDNs and omit them on hostnames.
The dot symbolizes that the name given is full and complete. If the dot is omitted, then named will place the name of the zone or the $ORIGIN value after the name to complete it.
If you are having problems with your firewall blocking connections from your named to other nameservers, you should manually tell named to use port 53 for upstream queries.
BIND version 9 uses random ports above 1024 to query other nameservers to resolve names, just like other DNS clients do, connecting to the remote nameserver's port 53. Some firewalls, however, expect nameservers to communicate with each other with both systems using port 53. Be aware that a fixed source port removes the source-port randomization that makes spoofed responses harder to forge. You can place the following line in the options statement to force named to send queries from port 53:
query-source address * port 53;
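The trailing-dot rule above is the easiest of these mistakes to miss by eye, so here is an added example (not part of the Red Hat guide or of BIND) that models how a name is completed with the zone origin and flags names that end up with the origin appended twice. The zone data is constructed, the function names are hypothetical, and the parser is simplified to single-line records with an explicit owner name.

```python
# Added example: simplified model of how named completes names in a zone file.
# Assumptions: single-line records, explicit owner names, no parentheses.

# Record types whose last field is a domain name (subset chosen for this example).
NAME_RDATA = {"NS", "CNAME", "MX", "PTR"}

# Constructed sample data: the NS and MX targets are missing their final dot.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@      IN NS    ns1.example.com
@      IN MX    10 mail.example.com
www    IN CNAME web
ftp    IN CNAME www.example.com.
ns1    IN A     192.0.2.1
"""

def qualify(name, origin):
    """Return the absolute name that results from `name` under `origin`."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name              # trailing dot: already full and complete
    return name + "." + origin   # no dot: the origin is appended

def audit_zone(text, zone):
    """Return (line_no, written, expanded, suspicious) for each name found."""
    origin = zone if zone.endswith(".") else zone + "."
    results = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()   # drop comments, then tokenize
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = qualify(fields[1], origin)
            continue
        if fields[0].startswith("$"):
            continue                            # other directives are ignored here
        names = [fields[0]]
        if any(f.upper() in NAME_RDATA for f in fields[1:-1]):
            names.append(fields[-1])            # rdata target is also a name
        for written in names:
            tail = written + "."
            # Suspicious: a dot-less name that already ends in the origin.
            suspicious = not written.endswith(".") and (
                tail == origin or tail.endswith("." + origin))
            results.append((line_no, written, qualify(written, origin), suspicious))
    return results

if __name__ == "__main__":
    for line_no, written, expanded, bad in audit_zone(SAMPLE_ZONE, "example.com"):
        print(f"{line_no}: {written} -> {expanded}{'  <-- missing dot?' if bad else ''}")
```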