Wally Sanford 2004-01-23, 7:23 pm
It says at http://linux-rep.fnal.gov/rhl-rg-en...d-mistakes.html that:
1) "Take care to increment the serial number when editing a zone file.
If the serial number is not incremented, the master nameserver may have the
correct, new information, but the slave nameservers will never be notified
of the change or attempt to refresh their data of that zone."
QUESTION: This computer multiboots to at least one other operating system
that also has a web server and DNS. My nameservers are those from
namecheap.com (actually, enom...). Is it necessary to coordinate the serial
number between Linux and the other OS, and if so, how?
2) "If a firewall is blocking connections from the named program to other
nameservers, edit its configuration file.
By default, BIND version 9 uses random ports above 1024 to query other
nameservers. Some firewalls, however, expect all nameservers to communicate
using only port 53. Force named to use port 53 by adding the following line
to the options statement of /etc/named.conf:
"query-source address * port 53;""
QUESTION: I do indeed block ports above 1024, and allow some traffic on 53.
How do you include the statement "query-source address * port 53;" in
named.conf so that it is not overwritten by the Redhat 9 graphical DNS
configuration tool (which even if I set up named.conf by hand, I would at
some time inadvertently use)? Should that statement be in named.custom, and
is there any syntax other than just pasting the line in a reasonable place?
Thanks.
--
Wally Sanford
web: http://wallysanford.com
email: PleaseSubstituteMyFirstNameHere@wallysanford.com
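The serial-number rule quoted in point 1, as an added example that is not part of the original post or of the Red Hat documentation: a pre-reload check that reads the SOA serial from the old and new zone file and applies RFC 1982 serial arithmetic, which is how a slave decides whether the master's copy is newer. The zone contents, `example.com` names, and the helper names `soa_serial` and `slave_will_refresh` are constructed for illustration, and the parser assumes a conventionally laid out SOA record.

```python
import re

MOD = 1 << 32    # SOA serial is an unsigned 32-bit counter
HALF = 1 << 31   # RFC 1982 comparison window

def soa_serial(zone_text):
    """Return the serial from the first SOA record in zone-file text.

    Simplified parser (assumption): comments start at ';' and the SOA
    fields are 'SOA mname rname serial ...', optionally inside parentheses.
    """
    no_comments = " ".join(line.split(";", 1)[0] for line in zone_text.splitlines())
    tokens = re.sub(r"[()]", " ", no_comments).split()
    idx = [t.upper() for t in tokens].index("SOA")
    return int(tokens[idx + 3])

def slave_will_refresh(old_serial, new_serial):
    """True if new_serial is 'greater' than old_serial under RFC 1982
    serial arithmetic, which is what makes a slave pull the new zone."""
    diff = (new_serial - old_serial) % MOD
    return 0 < diff < HALF

# Constructed sample zones (example.com is a placeholder domain).
OLD_ZONE = """\
$TTL 86400
@ IN SOA ns1.example.com. hostmaster.example.com. (
        2004012301 ; serial
        10800      ; refresh
        3600       ; retry
        604800     ; expire
        86400 )    ; minimum
@ IN NS ns1.example.com.
www IN A 192.0.2.10
"""
# Record changed AND serial bumped.
GOOD_EDIT = OLD_ZONE.replace("2004012301", "2004012302").replace("192.0.2.10", "192.0.2.20")
# Record changed but serial forgotten: slaves keep the stale address.
BAD_EDIT = OLD_ZONE.replace("192.0.2.10", "192.0.2.20")

if __name__ == "__main__":
    old = soa_serial(OLD_ZONE)
    for name, zone in (("good edit", GOOD_EDIT), ("bad edit", BAD_EDIT)):
        new = soa_serial(zone)
        print(f"{name}: {old} -> {new}, slave refreshes: {slave_will_refresh(old, new)}")
```

The same comparison also flags a serial that went backwards, for instance when an older copy of the zone file is loaded in place of the current one.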