5.3 & bind9: named.conf vs. named.sample ; why are they different?

From: spam maps <spamrefuse_at_yahoo.com>
Date: Sun, 3 Oct 2004 05:47:10 -0700 (PDT)
I have these two files in /var/named/etc/namedb, but
are different.
Is /var/named/etc/namedb/named.conf redundant and old?

# diff -u /var/named/etc/namedb/named.conf 
/var/named/etc/namedb/named.sample
--- /var/named/etc/namedb/named.conf    Sat Oct  2
14:58:53 2004
+++ /var/named/etc/namedb/named.sample  Sat Oct  2
14:55:49 2004
_at__at_ -1,14 +1,28 _at__at_
-// $FreeBSD: src/etc/namedb/named.conf,v 1.15
2004/06/06 11:46:29 
schweikh Exp $
+// $FreeBSD: src/etc/namedb/named.conf,v 1.15.2.1
2004/09/30 23:36:07 
dougb Exp $
  //
-// Refer to the named.conf(5) and named(8) man pages
for details.  If
-// you are ever going to set up a primary server,
make sure you
+// Refer to the named.conf(5) and named(8) man pages,
and the 
documentation
+// in /usr/share/doc/bind9 for more details.
+//
+// If you are going to set up an authoritative
server, make sure you
  // understand the hairy details of how DNS works. 
Even with
  // simple mistakes, you can break connectivity for
affected parties,
  // or cause huge amounts of useless Internet
traffic.

  options {
-       directory "/etc/namedb";
-       pid-file "/var/run/named/pid";
+       directory       "/etc/namedb";
+       pid-file        "/var/run/named/pid";
+       dump-file       "/var/dump/named_dump.db";
+       statistics-file "/var/stats/named.stats";
+
+// If named is being used only as a local resolver,
this is a safe 
default.
+// For named to be accessible to the network, comment
this option, 
specify
+// the proper IP address, or delete this option.
+       listen-on       { 127.0.0.1; };
+
+// If you have IPv6 enabled on this system, uncomment
this option for
+// use as a local resolver.  To give access to the
network, specify
+// an IPv6 address, or the keyword "any".
+//     listen-on-v6    { ::1; };

  // In addition to the "forwarders" clause, you can
force your name
  // server to never initiate queries of its own, but
always ask its
_at__at_ -28,30 +42,12 _at__at_
          * If there is a firewall between you and
nameservers you want
          * to talk to, you might need to uncomment
the query-source
          * directive below.  Previous versions of
BIND always asked
-        * questions using port 53, but BIND 8.1 uses
an unprivileged
-        * port by default.
+        * questions using port 53, but BIND versions
8 and later
+        * use a pseudo-random unprivileged UDP port
by default.
          */
         // query-source address * port 53;
-
-       /*
-        * location for the dumpfile.
-        */
-       // dump-file "s/named_dump.db";
  };

-// Note: the following will be supported in a future
release.
-/*
-host { any; } {
-       topology {
-               127.0.0.0/8;
-       };
-};
-*/
-
-// Setting up secondaries is way easier and a rough
example for this
-// is provided below.
-//
  // If you enable a local name server, don't forget
to enter 127.0.0.1
  // first in your /etc/resolv.conf so this server
will be queried.
  // Also, make sure to enable it in /etc/rc.conf.
_at__at_ -63,26 +59,26 _at__at_

  zone "0.0.127.IN-ADDR.ARPA" {
         type master;
-       file "localhost.rev";
+       file "master/localhost.rev";
  };

  // RFC 3152
  zone 
"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"
{
         type master;
-       file "localhost-v6.rev";
+       file "master/localhost-v6.rev";
  };

  // RFC 1886 -- deprecated
  zone 
"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT"
{
         type master;
-       file "localhost-v6.rev";
+       file "master/localhost-v6.rev";
  };

  // NB: Do not use the IP addresses below, they are
faked, and only
  // serve demonstration/documentation purposes!
  //
-// Example secondary config entries.  It can be
convenient to become
-// a secondary at least for the zone your own domain
is in.  Ask
+// Example slave zone config entries.  It can be
convenient to become
+// a slave at least for the zone your own domain is
in.  Ask
-        * If running in a sandbox, you may have to
specify a different
-        * location for the dumpfile.
-        */
-       // dump-file "s/named_dump.db";
  };

-// Note: the following will be supported in a future
release.
-/*
-host { any; } {
-       topology {
-               127.0.0.0/8;
-       };
-};
-*/
-
-// Setting up secondaries is way easier and a rough
example for this
-// is provided below.
-//
  // If you enable a local name server, don't forget
to enter 127.0.0.1
  // first in your /etc/resolv.conf so this server
will be queried.
  // Also, make sure to enable it in /etc/rc.conf.
_at__at_ -63,26 +59,26 _at__at_

  zone "0.0.127.IN-ADDR.ARPA" {
         type master;
-       file "localhost.rev";
+       file "master/localhost.rev";
  };

  // RFC 3152
  zone 
"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"
{
         type master;
-       file "localhost-v6.rev";
+       file "master/localhost-v6.rev";
  };

  // RFC 1886 -- deprecated
  zone 
"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT"
{
         type master;
-       file "localhost-v6.rev";
+       file "master/localhost-v6.rev";
  };

  // NB: Do not use the IP addresses below, they are
faked, and only
  // serve demonstration/documentation purposes!
  //
-// Example secondary config entries.  It can be
convenient to become
-// a secondary at least for the zone your own domain
is in.  Ask
+// Example slave zone config entries.  It can be
convenient to become
+// a slave at least for the zone your own domain is
in.  Ask
  // your network administrator for the IP address of
the responsible
  // primary.
  //
_at__at_ -92,23 +88,15 _at__at_
  //
  // Before starting to set up a primary zone, make
sure you fully
  // understand how DNS and BIND works.  There are
sometimes
-// non-obvious pitfalls.  Setting up a secondary is
simpler.
+// non-obvious pitfalls.  Setting up a slave zone is
simpler.
  //
  // NB: Don't blindly enable the examples below. :-) 
Use actual names
  // and addresses instead.
-//
-// NOTE!!! FreeBSD can run bind in a sandbox (see
named_flags in 
rc.conf).
-// The directory containing the secondary zones must
be write 
accessible
-// to bind.  The following sequence is suggested:
-//
-//     mkdir /etc/namedb/s
-//     chown bind:bind /etc/namedb/s
-//     chmod 750 /etc/namedb/s

  /*
-zone "domain.com" {
+zone "example.com" {
         type slave;
-       file "s/domain.com.bak";
+       file "slave/example.com";
         masters {
                 192.168.1.1;
         };
_at__at_ -116,7 +104,7 _at__at_

  zone "0.168.192.in-addr.arpa" {
         type slave;
-       file "s/0.168.192.in-addr.arpa.bak";
+       file "slave/0.168.192.in-addr.arpa";
         masters {
                 192.168.1.1;



		
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
Received on Sun Oct 03 2004 - 10:47:11 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:15 UTC