Open DNS

Discussion in 'Server Operation' started by tristanlee85, Sep 16, 2006.

  1. tristanlee85

    tristanlee85 New Member

    I was using DNS Stuff to test out a few things and I had a question about this:

    http://www.dnsstuff.com/tools/dnstime.ch?name=www.plastikracing.net&type=A

    It says:

    I'm using ISPconfig if that helps. Is this anything I should be concerned about?
     
  2. edge

    edge Active Member Moderator

    This is how I fix the open DNS problem:

    Open
    Code:
    /root/ispconfig/isp/conf/named.conf.master
    and add in the OPTIONS part:
    Code:
    allow-recursion {
    localhost;
    };
    
    (it should look like this at the edit)
    Code:
    options {
            pid-file "/var/run/bind/run/named.pid";
            directory "{BINDDIR}";
            auth-nxdomain no;
            /*
             * If there is a firewall between you and nameservers you want
             * to talk to, you might need to uncomment the query-source
             * directive below.  Previous versions of BIND always asked
             * questions using port 53, but BIND 8.1 uses an unprivileged
             * port by default.
             */
            // query-source address * port 53;
    
    allow-recursion {
    localhost;
    };
    
    After this make a small change in ISPconfig to make it read the new named.conf.master
     
  3. tristanlee85

    tristanlee85 New Member

    Thank you. I think you left out a bracket though, but maybe I'm wrong. Shouldn't it be:

    Code:
    options {
            pid-file "/var/run/bind/run/named.pid";
            directory "{BINDDIR}";
            auth-nxdomain no;
            /*
             * If there is a firewall between you and nameservers you want
             * to talk to, you might need to uncomment the query-source
             * directive below.  Previous versions of BIND always asked
             * questions using port 53, but BIND 8.1 uses an unprivileged
             * port by default.
             */
            // query-source address * port 53;
    
    allow-recursion {
    localhost;
    }
    
    };
     
  4. edge

    edge Active Member Moderator

    Yes.. My code is missing an extra bracket and a ;

    This is how it should look:

    Code:
    options {
            pid-file "/var/run/bind/run/named.pid";
            directory "{BINDDIR}";
            auth-nxdomain no;
            /*
             * If there is a firewall between you and nameservers you want
             * to talk to, you might need to uncomment the query-source
             * directive below.  Previous versions of BIND always asked
             * questions using port 53, but BIND 8.1 uses an unprivileged
             * port by default.
             */
            // query-source address * port 53;
    
            allow-recursion {
                    localhost;
            };
    
    };
    
    Note the }; part just below the localhost;
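
Added example, not part of the original thread and not ISPConfig or BIND code: a small Python lint for the two mistakes corrected above (a block that is never closed, and a `}` without its `;`), plus a check that `allow-recursion` is present. The sample strings are constructed from the three variants posted in this thread with the long comment left out; BIND's own `named-checkconf` does the full syntax check.

```python
import re


def strip_noise(text):
    """Drop comments and blank out quoted strings so "{BINDDIR}" is not counted as a block."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    text = re.sub(r'"[^"\n]*"', '""', text)
    return re.sub(r"(//|#)[^\n]*", "", text)


def lint(text):
    """Return a list of problems; an empty list means the three checks passed."""
    src, problems, depth = strip_noise(text), [], 0
    for brace in re.finditer(r"[{}]", src):
        if brace.group() == "{":
            depth += 1
            continue
        depth -= 1
        if depth < 0:
            return problems + ["'}' without a matching '{'"]
        # named.conf requires every closing brace to be terminated by ';'
        if not re.match(r"\s*;", src[brace.end():]):
            problems.append("'}' not followed by ';'")
    if depth > 0:
        problems.append("block never closed")
    if not re.search(r"\ballow-recursion\s*\{", src):
        problems.append("no allow-recursion statement")
    return problems


# Constructed samples: the three variants posted in the thread, long comment omitted.
HEAD = ('options {\n  pid-file "/var/run/bind/run/named.pid";\n'
        '  directory "{BINDDIR}";\n  auth-nxdomain no;\n'
        '  // query-source address * port 53;\n')
FIRST_POST = HEAD + "allow-recursion {\nlocalhost;\n};\n"
SECOND_POST = HEAD + "allow-recursion {\nlocalhost;\n}\n\n};\n"
CORRECTED = HEAD + "allow-recursion {\nlocalhost;\n};\n\n};\n"

if __name__ == "__main__":
    for label, conf in [("first", FIRST_POST), ("second", SECOND_POST),
                        ("corrected", CORRECTED)]:
        print(label, lint(conf) or "ok")
```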
     
  5. tristanlee85

    tristanlee85 New Member

    Sweet. That's what I thought it was. I guess you just didn't copy the entire "option" section. Now, I've saved the file and rebooted the server. Is there anything else I have to do to get it to work?
     
  6. edge

    edge Active Member Moderator

    What I normally do is make a small change in ISPconfig for any site (just enable something for a site and then disable it again will do)
    This will make ISPconfig reload all the needed files.

    A reboot should work also I guess :)
     
  7. tristanlee85

    tristanlee85 New Member

    And that fixed it. Thanks for the help!
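
Added example, not part of the original thread: one way to confirm the `allow-recursion` change took effect without a third-party web tool is to send your own name server a recursive query for a name it is not authoritative for, from a host outside the allowed list, and read the header flags of the reply. The default probe name `example.com`, the result labels and the helper names are assumptions of this sketch.

```python
import secrets
import socket
import struct
import sys

RD, RA, QR = 0x0100, 0x0080, 0x8000  # DNS header flag bits
REFUSED = 5                          # RCODE sent when the server declines the query


def build_query(name, query_id, qtype=1):
    """Build a one-question DNS query (qtype 1 = A) with Recursion Desired set."""
    header = struct.pack("!HHHHHH", query_id, RD, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN


def classify_response(packet, query_id):
    """Judge a reply to a recursive query for a name the server is not authoritative for."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if rid != query_id or not flags & QR:
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    if rcode == REFUSED:
        return "refused"
    if not flags & RA:
        return "no-recursion"   # replied, but recursion is not offered to this client
    if rcode == 0 and ancount > 0:
        return "open"           # the server resolved a foreign name for us
    return "inconclusive"       # RA set but no answer, e.g. SERVFAIL or NXDOMAIN


def probe(server, name="example.com", timeout=3.0):
    """Send the query over UDP to your own server and classify the reply."""
    query_id = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, query_id), (server, 53))
        data, _ = sock.recvfrom(4096)
    return classify_response(data, query_id)


def constructed_reply(query_id, flags, ancount):
    """Constructed 12-byte header used as sample input (not captured traffic)."""
    return struct.pack("!HHHHHH", query_id, flags, 1, ancount, 0, 0)


if __name__ == "__main__":
    print(probe(sys.argv[1]))
```

A result of `open` from an outside host means recursion is still being served to the world; `refused` or `no-recursion` is what the restricted configuration should produce.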
     
  8. cryptic

    cryptic Member

    An issue with this is that the named.conf file is overwritten (on update?). Any way to have a more permanent solution?
     
  9. edge

    edge Active Member Moderator

    Yes. Add it to /root/ispconfig/isp/conf/named.conf.master
    Or are you talking about update of ISPconfig (version nr.) itself?
     
  10. cryptic

    cryptic Member

    Update of ISPConfig (versions).
     
  11. falko

    falko Super Moderator Howtoforge Staff

    Create a customized version of named.conf.master in /root/ispconfig/isp/conf/customized_templates/named.conf.master. It won't get overwritten on updates. :)
     
  12. cryptic

    cryptic Member

    Do I just put this part in there?

    options {
    pid-file "/var/named/chroot/var/run/named/named.pid";
    directory "/var/named/chroot/var/named";
    auth-nxdomain no;
    /*
    * If there is a firewall between you and nameservers you want
    * to talk to, you might need to uncomment the query-source
    * directive below. Previous versions of BIND always asked
    * questions using port 53, but BIND 8.1 uses an unprivileged
    * port by default.
    */
    // query-source address * port 53;

    allow-recursion {
    localhost;
    };

    };

    Also, it was overwritten last night too (not sure what did that). Will this template prevent that too?
     
  13. falko

    falko Super Moderator Howtoforge Staff

    Everything from /root/ispconfig/isp/conf/named.conf.master + your changes.
     
