From: Patrick Jaques (pjaques@comcast.net)
Date: Tue Jul 13 2004 - 22:46:18 CDT
I believe you could have edited '/etc/sysconfig/named' and remarked out the
line
# ROOTDIR=/var/named/chroot
so bind would look for its configuration files in /etc in a non-chroot
configuration.
--Patrick
-----Original Message-----
From: owner-netreg@southwestern.edu [mailto:owner-netreg@southwestern.edu]
On Behalf Of DelVecchio, Anthony R.
Sent: Tuesday, July 13, 2004 11:17 PM
To: netreg@southwestern.edu
Subject: RE: NetReg: NetReg DNS server notautomatically redirecting
Thanks everyone,
I found that FC 2 runs named as chroot and when it does it appears to load
the named.conf last. Unfortunately, in the chroot path those two files were
empty so it was running in pretty much a default mode. Linking the
named.conf (hard link not symbolic) and db.root to the chroot /etc fixed the
problem. Red Hat 9 (which was the last time under which I built this) did
not do this.
I am told that a jailed process would normally load its conf files first
then get jailed rather than what happened here.
Here is how FC 2 is running bind from its installation:
/usr/sbin/named -u named -t /var/named/chroot
Summary: link /var/named/chroot/etc/named.conf and db.root to
/etc/named.conf and /etc/db.root
Tony DelVecchio
Network Security Manager
University of St Thomas, St Paul, Mn
_____
From: Robert Lowe [mailto:Robert.H.Lowe@lawrence.edu]
Sent: Tue 7/13/2004 4:31 PM
To: netreg@southwestern.edu
Subject: Re: NetReg: NetReg DNS server notautomatically redirecting
DelVecchio, Anthony R. wrote:
> Hi,
>
> I am running into an issue where I have an unregistered client pick up
> the DHCP info from an unregistered range including DNS. I verified this
> with an ipconfig. When you go to a browser I am still able to get to
> any url. I have to manually enter the url for netreg in order to
> register the client.
>
> I haven't confirmed if this is only happening with my Windows XP Pro
> client or if it is happening to everyone else. I have experienced a
> similar intermittent problem in the past where the client would not
> give up its old, valid IP. This is not the case this time.
>
> Running nslookup shows the server to be the netreg dns but when you
> actually do an nslookup you will get non-authoritative answers with real
> IP's. I am running BIND 9.2.3 from the Fedora 2 install using the
> cut-and-paste files from the docs. DHCP and Apache installed separately.
First use dig on your DNS/NetReg box. Check your logfiles, just to make
sure named hasn't reported any errors. Are you really running BIND8?
Versus BIND9, that is.
Are you sure you're not already running some version of named that came
with your Fedora install?
My comments below are not directly related to your problem at the moment...
> ---------------------
> // named.conf for NetReg
> // Belongs at /etc/named.conf
>
> server 140.209.13.3{
> bogus yes;
> };
>
> options {
> directory "/etc/";
> recursion no;
> fetch-glue no;
> };
>
> zone "." in {
> type master;
> file "db.root";
> };
>
> ; Bind 8 -- Zone file -- for NetReg
> ; Belongs at /etc/db.root
>
> $TTL 3600
> . IN SOA ust-netregspn.stthomas.edu. root.ust-netregspn.stthomas.edu. (
> 2 ;serial
> 10800 ;refresh
> 3600 ;retry
> 604800 ;expire
> 86400 ;default ttl
FYI, this is the 'minimum' value, now used for negative caching TTL.
> )
> IN NS ust-netregspn.stthomas.edu.
> ust-netregspn 86400 IN A 140.209.13.3
You're in the root zone (.) here. This should be fully
qualified, e.g. ust-netregspn.stthomas.edu.
> *. 86400 IN A 140.209.13.3
Get rid of the TTL you've specified here. Let the $TTL
statement take care of that. In any case, this value is
way too large. What happens if a client registers but
doesn't reboot? And the client runs a DNS resolver
service that caches responses? I'd make the default
TTL something on the order of 10 minutes myself.
-Robert
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
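An added example, not part of the thread: a POSIX shell check for the situation described above, where named is started with -t and the jail's copies of named.conf and db.root are empty or out of step with /etc. The function names and status words are illustrative, and the demo input is constructed.

```shell
# Added example: compare named's config files with the copies a chrooted named (-t ROOTDIR) reads.

# Print the active ROOTDIR from a sysconfig file; empty if unset or commented out.
named_rootdir() {
    [ -r "$1" ] || return 0
    sed -n 's/^[[:space:]]*ROOTDIR=//p' "$1" | tail -n 1 | tr -d "\"'"
}

# check_named_chroot SYSCONFIG FILE...  Returns 1 if any jailed copy is unusable or stale.
check_named_chroot() {
    sysconfig=$1; shift
    root=$(named_rootdir "$sysconfig")
    if [ -z "$root" ]; then
        echo "no ROOTDIR set: named reads the files in place"
        return 0
    fi
    rc=0
    for f in "$@"; do
        jailed="$root$f"
        if [ -L "$jailed" ]; then
            # After chroot() a link is resolved inside the jail, not on the host.
            echo "SYMLINK  $jailed"; rc=1
        elif [ ! -e "$jailed" ]; then
            echo "MISSING  $jailed"; rc=1
        elif [ ! -s "$jailed" ]; then
            echo "EMPTY    $jailed"; rc=1
        elif ! cmp -s "$f" "$jailed"; then
            echo "DIFFERS  $jailed"; rc=1
        else
            echo "OK       $jailed"
        fi
    done
    return "$rc"
}

# Constructed demo of the situation in the thread: empty named.conf in the jail.
demo() {
    t=$(mktemp -d) || return 2
    mkdir -p "$t/etc" "$t/chroot$t/etc"
    echo "ROOTDIR=$t/chroot" > "$t/sysconfig"
    echo 'options { recursion no; };' > "$t/etc/named.conf"
    : > "$t/chroot$t/etc/named.conf"
    check_named_chroot "$t/sysconfig" "$t/etc/named.conf"
    rc=$?; rm -rf "$t"; return "$rc"
}

# With arguments, check real files; without, run the constructed demo.
if [ "$#" -gt 0 ]; then check_named_chroot "$@"; else demo || :; fi
```

Saved to a file, it takes the sysconfig file followed by the files to compare, for example /etc/sysconfig/named /etc/named.conf /etc/db.root. A hard-linked copy reports OK because it is the same file, while a symbolic link is flagged for manual review.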
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:46 CDT