Mark, I recently implemented the "reverse" version of what you are doing.
The primary internal servers were "masters" of db.net.local and db.10
domain. All of our network devices were on these 2 files (forward/reverse
lookup). When NetView discovered a device it queried the
smartsets, and if it was found in a Network smartset it would do an
snmpget for system name, then append .net.local and do an nsupdate to
add. What I did was to allow NetView to provide dynamic updates to the DNS
server. NetView is also its own DNS server and is doing its own lookups. We are
running AIX 433 and BIND8.
The primary internal DNS server is the master of the zone db.net.local.
I entered in the options portion of /etc/named.conf:

    also-notify { 10.24.0.100; 10.24.0.102; };
    allow-transfer { 10.20.8.19; 10.24.0.100; 10.24.0.102; };

On the Master Zones of the same file:

    zone "net.local" in {
        type master;
        file "db.net.local";
        allow-update { 10.24.0.100; 10.24.0.102; };
    };

ON NETVIEW: /etc/named included these entries:

    options {
        directory "/usr/local/named";        // use current directory
        named-xfer "/usr/sbin/named-xfer";   // _PATH_XFER
        dump-file "named_dump.db";           // _PATH_DUMPFILE
        pid-file "/etc/named.pid";           // _PATH_PIDFILE
        statistics-file "named.stats";       // _PATH_STATS
        check-names master fail;
        check-names slave warn;
        check-names response ignore;
        datasize default;
        stacksize default;
        coresize default;
        files unlimited;
        recursion yes;
        fetch-glue yes;
        fake-iquery no;
        auth-nxdomain yes;                   // always set AA on NXDOMAIN.
        multiple-cnames no;                  // if yes, then a name may have more
        allow-query { any; };
        allow-transfer { 10.20.8.13; 10.20.8.19; };
    };

    // ******************************************************************
    // Master 'ZONES'
    // ******************************************************************
    zone "0.0.127.in-addr.arpa" in {
        type master;
        file "db.127.0.0";
        check-names fail;
        allow-update { none; };
    };
    :

    // ******************************************************************
    // SLAVE 'ZONES'
    // ******************************************************************
    zone "10.in-addr.arpa" in {
        type slave;
        file "db.10";
        masters { 10.20.8.13; };
        allow-update { 10.24.0.100; 10.24.0.102; };
    };

    zone "168.192.in-addr.arpa" in {
        type slave;
        file "db.192.168";
        masters { 10.20.8.13; };
        allow-update { 10.24.0.100; 10.24.0.102; };
    };

    zone "local" in {
        type slave;
        file "db.local";
        masters { 10.20.8.13; };
    };

    zone "net.local" in {
        type slave;
        file "db.net.local";
        masters { 10.20.8.13; };
        allow-update { 10.24.0.100; 10.24.0.102; };
    };

In your case, you should reverse the master and slave types and only have
"allow transfers" not allow-updates as this is for dynamic updates.
Remember to edit /etc/rc.tcpip /etc/resolv.conf and /etc/netsvc.conf
accordingly.
Hope that helps...

>>> "Scherting, Mark" <mscherting@state.mt.us> 07/09/02 03:33PM >>>
Hi all,

I've been off the list for a bit and am now jumping back into the fray
with a couple of questions. First, where are the list archives now?

Second, I've been asked to look into implementing DNS on my NV/AIX 4.3.3
box to manage a zone containing just our network devices and from which
our primary DNS would load this zone. Has anyone done something like
this? Please point me toward some AIX specific examples, Redbooks, etc.
I've read the O'Reilly DNS & Bind book for the concepts but would like to
see some configuration examples in black & white.

Any recommendations on which version of Bind and h2n to use and where to
get them? Are there any newer/better tools than h2n for AIX?

Thanks!

Mark Scherting
State of Montana
Information Technology Services Division
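
Added example (not part of the original thread, and not the poster's code): a small audit of a BIND 8 style named.conf that lists, per zone, its type, masters and allow-update list, and reports which zones accept dynamic updates from IP-listed hosts, as net.local does above. The sample file is constructed in the style of the posted config, and the function names are hypothetical.

```python
import re

# Constructed sample in the style of the named.conf posted above.
SAMPLE_CONF = '''
options {
    directory "/usr/local/named";   // use current directory
    allow-transfer { 10.20.8.13; 10.20.8.19; };
};
zone "0.0.127.in-addr.arpa" in { type master; file "db.127.0.0";
    allow-update { none; }; };
zone "local" in { type slave; file "db.local"; masters { 10.20.8.13; }; };
zone "net.local" in { type slave; file "db.net.local";
    masters { 10.20.8.13; };
    allow-update { 10.24.0.100; 10.24.0.102; }; };
'''

def strip_comments(text):
    """Drop /* */, // and # comments (quoted strings are assumed not to contain them)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def block_body(text, start):
    """Text between the first '{' at or after start and its matching '}'."""
    open_at = text.index('{', start)
    depth = 0
    for i in range(open_at, len(text)):
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        if depth == 0:
            return text[open_at + 1:i]
    raise ValueError('unbalanced braces in named.conf')

def acl(body, keyword):
    """Address list given for keyword inside a block, or None when it is not set."""
    m = re.search(r'\b%s\s*\{([^{}]*)\}' % re.escape(keyword), body)
    return [a.strip() for a in m.group(1).split(';') if a.strip()] if m else None

def audit(conf):
    """Map each zone name to its type, masters and allow-update list."""
    conf, report = strip_comments(conf), {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"', conf):
        body = block_body(conf, m.end())
        ztype = re.search(r'\btype\s+(\w+)\s*;', body)
        report[m.group(1)] = {'type': ztype.group(1) if ztype else None,
                              'masters': acl(body, 'masters'),
                              'allow-update': acl(body, 'allow-update')}
    return report

def accepts_dynamic_updates(report):
    """Zones whose allow-update lists anything other than 'none'."""
    return sorted(z for z, r in report.items()
                  if r['allow-update'] and r['allow-update'] != ['none'])
```

A zone statement left without its closing brace makes audit() raise ValueError instead of returning a partial report.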