Hello to all.

I have recently set up a slave DNS server
(bind-9.3.6) on a CentOS 5.x Linux box. The
master is our Windows server and, really, it
directly serves our AD infrastructure, and
forwards external queries to our ISP's DNS.

I got the basic set-up correct, I believe.
However, yesterday I pushed the envelope a bit.
I want to make sure that, in the temporary
absence of the master, the slave does the
forwarding to the ISP, but that it only serves
our company (i.e. is not accessible
externally). Here's my named.conf file:

Options {
    directory "/var/named"; // Working directory
    forwarders {;};
    forward only;
    version "not currently available";
    allow-recursion {;};
};

// Zone entry for my Active Directory domain.
zone "" IN {
    type slave;
    file "slaves/";
    masters {;};
    allow-notify {none;};
    forwarders {};
};

// reverse map for class C
zone "100.168.192.IN-ADDR.ARPA" IN {
    type slave;
    file "slaves/";
    masters {;};
    allow-notify {none;};
    forwarders {};
};

include "/etc/rndc.key";

logging {
    channel log {
        file "/var/log/named/bind.log" versions 3 size 5m;
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category default { log; };
    category statistics { log; };
    category queries { log; };
};

Is this correct and secure?
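
An added example, not part of the original post: a small Python check of the global options block for the three properties the post is after (recursion limited to internal clients, forward-only forwarding, hidden version string). Both sample configs are constructed; 192.0.2.53 is a placeholder for the ISP resolver and 192.168.100.0/24 is assumed from the reverse zone named in the post.

```python
import re

# Constructed samples, not the poster's file. 192.0.2.53 stands in for the ISP
# resolver; 192.168.100.0/24 is assumed from the reverse zone named in the post.
WEAK = '''
options {
    forwarders { 192.0.2.53; };
    allow-recursion { any; };
};
'''
HARDENED = '''
options {
    directory "/var/named";   // working directory
    forwarders { 192.0.2.53; };
    forward only;
    version "not currently available";
    allow-recursion { 127.0.0.1; 192.168.100.0/24; };
};
'''

def options_block(conf):
    """Body of the global options { ... } block, comments stripped."""
    conf = re.sub(r"//[^\n]*|#[^\n]*|/\*.*?\*/", "", conf, flags=re.S)
    m = re.search(r"\boptions\s*\{", conf, flags=re.I)
    if not m:
        return ""
    depth = 1
    for i in range(m.end(), len(conf)):
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        if depth == 0:
            return conf[m.end():i]
    return conf[m.end():]

def match_list(body, name):
    """Elements of 'name { a; b; };' or None when the statement is absent."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(name), body)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit(conf):
    body, findings = options_block(conf), []
    rec = match_list(body, "allow-recursion")
    if rec is None or "any" in rec:   # BIND 9.3 allows all hosts when unset
        findings.append("recursion open to any client")
    if not match_list(body, "forwarders"):
        findings.append("no forwarders configured")
    elif not re.search(r"\bforward\s+only\s*;", body):
        findings.append("forward first: server recurses itself if forwarders fail")
    if not re.search(r'\bversion\s+"', body):
        findings.append("version string disclosed")
    return findings
```

audit(WEAK) returns three findings and audit(HARDENED) returns an empty list; the check reads only the options block, so firewall rules and per-zone settings such as allow-transfer still need a separate review.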

