It is very common for beginners to make mistakes when editing BIND
configuration files or run into initial difficulties using
named. Be sure to avoid the following problems:
Make sure you increment the serial number when editing a
zone file.
If the serial number is not incremented, your master nameserver may
have the correct, new information, but your slave nameservers will
never be notified of the change or attempt to refresh their data for
that zone. After all, their serial number will match the one on the
master nameserver, even though their data for the zone is completely
different than what is on the master.
Be careful to use braces and semi-colons correctly in the
/etc/named.conf file.
An omitted semi-colon or unclosed brace section will cause
named to refuse to start.
Remember to place dots
(.) in zone files after all FQDNs
and omit them on hostnames.
The dot symbolizes that the name given is full and complete. If the
dot is omitted, then named will place the name of
the zone or the $ORIGIN value after the name to
complete it.
If you are having problems with your firewall blocking
connections from your named to other
nameservers, you should manually tell named to
use port 53 for upstream queries.
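BIND version 9 uses random ports above 1024 to query other nameservers
to resolve names, just like other DNS clients do, connecting to the
remote nameserver's port 53. Some firewalls, however, expect
nameservers to communicate with each other with both systems using
port 53. You can place the following line in the
options statement to force named
to send queries from port 53:
query-source address * port 53;
Fixing the source port this way gives up the source-port randomization
that makes forged responses harder to match to an outstanding query, so
use it only where the firewall rule itself cannot be changed.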
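The trailing-dot rule described above can be checked mechanically. The following Python sketch is an added example, not part of the original guide: it completes names the way the text describes and flags record targets that already end in the zone name but lack the final dot. The sample zone, the function names and the set of record types checked are assumptions made for illustration.

```python
# Added example: flag zone-file targets that are missing the trailing dot.
NAME_TYPES = {"NS", "CNAME", "MX", "PTR"}  # subset of types whose RDATA ends in a name

# Constructed sample zone (not from the guide); lines 3 and 5 lack the final dot.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@     IN NS    ns1.example.com.
@     IN MX 10 mail.example.com
www   IN CNAME server1
ftp   IN CNAME server1.example.com
ns1   IN A     192.0.2.1
"""

def qualify(name, origin):
    """Complete a name as named does: keep it if it ends in a dot, else append the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def find_missing_dots(zone_text, zone_name):
    """Return (line_no, written_target, name_named_will_use) for suspicious targets."""
    origin = zone_name if zone_name.endswith(".") else zone_name + "."
    findings = []
    for line_no, raw in enumerate(zone_text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()  # drop comments, then tokenize
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
            origin = qualify(fields[1], origin)
            continue
        # A line that starts in column one begins with the owner name; skip it
        rest = fields if raw[0].isspace() else fields[1:]
        if not any(f.upper() in NAME_TYPES for f in rest[:-1]):
            continue
        target = rest[-1]
        if target == "@" or target.endswith("."):
            continue
        # A relative target that already ends in the origin is almost always a typo
        if f".{target}.".lower().endswith("." + origin.lower()):
            findings.append((line_no, target, qualify(target, origin)))
    return findings

if __name__ == "__main__":
    for line_no, written, effective in find_missing_dots(SAMPLE_ZONE, "example.com"):
        print(f"line {line_no}: '{written}' will be read as '{effective}'")
```

The check is a heuristic: it handles single-line records only and does not parse SOA fields or quoted strings.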