Idiocy | Never Underestimate the Power of Stupid People in Large Groups

Eigener Nameserver auf QNAP NAS

Anleitungen für die Installation der Optware IPKG gibt es ja genug. Daher hier nur die Installation des Bind Nameservers:

1. ipkg install bind
2. edit /opt/etc/named/named.conf:

options {
directory “/opt/var/named”;

// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0′s placeholder.

//forwarders {
//      !your isps nameservers!
//};
//forward only;

auth-nxdomain no;    # conform to RFC1035
notify no;

allow-query { 127.0.0.1; >your network%lt; };
allow-transfer { none; };
allow-update { none; };
};

//
// Do any local configuration here
//
key “rndc-key” {
algorithm hmac-md5;
secret “!your secret!”;
};

controls {
inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { “rndc-key”; };
};

// Consider adding the 1918 zones here, if they are not used in your
// organization
// include “/etc/bind/zones.rfc1918″;

// prime the server with knowledge of the root servers
zone “.” {
type hint;
file “db.root”;
};

3. edit /opt/etc/named/rndc.conf:

# Start of rndc.conf
key “rndc-key” {
algorithm hmac-md5;
secret “!your secret!”;
};

options {
default-key “rndc-key”;
default-server 127.0.0.1;
default-port 953;
};

4. grep yourself a recent copy of the root zone file and put it as db.root in /opt/var/named

5. add your own forward and reverse zones

6. i use forward zones to get the right ip addresses of my vpn connections…

zone “dmz.somewhere.com” {
type forward;
forwarders { !vpn nameservers! };
};

7. don’t forget to enable bind startup script in autorun.sh

Hint: The nameserver has no effect on hibernation!

Back to Top

Write a Comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Powered by WP Hashcash