bind9: DNS updates from windows

Tue, 24 Dec 2002 13:18:32 -0800 

Merry Christmas!

I'm trying to get WinXP clients to update thier own dns for me using
Bind9.  What am I doing wrong?  (Yes, I know access control soley by
IP is insecure, but I've got other means of dealing with that at the DMZ).

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian for information on the 
// structure of BIND configuration files in Debian, *BEFORE* you customize 
// this configuration file.
//
acl "tfl" { 192.168.1.0/24; };
acl "cave" { 192.168.0.0/24; };

options {
        allow-query { "tfl"; "cave"; 127.0.0.1; };
        allow-transfer { "tfl"; "cave"; };
        directory "/var/cache/bind";
        listen-on port 53 { 192.168.0.1; 127.0.0.1; };

        // If there is a firewall between you and nameservers you want
        // to talk to, you might need to uncomment the query-source
        // directive below.  Previous versions of BIND always asked
        // questions using port 53, but BIND 8.1 and later use an unprivileged
        // port by default.

        // query-source address * port 53;

        // If your ISP provided one or more IP addresses for stable 
        // nameservers, you probably want to use them as forwarders.  
        // Uncomment the following block, and insert the addresses replacing 
        // the all-0's placeholder.

        forwarders {
                4.2.2.2;
                198.236.22.8;
                137.53.223.36;
                137.53.223.44;
                204.127.198.4;
                63.240.76.4;
        };


        #auth-nxdomain no;    # conform to RFC1035

};

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

// add entries for other zones below here

zone "cave" {
        type master;
        allow-update { "cave"; };
        file "/etc/bind/db.cave";
};

zone "tfl" {
        type master;
        allow-update { "tfl"; };
        file "/etc/bind/db.tfl";
};

zone "192.in-addr.arpa" {
        type master;
        allow-update { "cave"; "tfl"; };
        file "/etc/bind/db.192";
};



-- 
 .''`.     Baloo <[EMAIL PROTECTED]>
: :'  :    proud Debian admin and user
`. `'`
  `-  Debian - when you have better things to do than to fix a system

Attachment: msg20901/pgp00000.pgp
Description: PGP signature

Reply via email to