Anleitungen für die Installation der Optware IPKG gibt es ja genug. Daher hier nur die Installation des Bind Nameservers:
1. ipkg install bind
2. edit /opt/etc/named/named.conf:
options {
directory “/opt/var/named”;
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0′s placeholder.
//forwarders {
// !your isps nameservers!
//};
//forward only;
auth-nxdomain no; # conform to RFC1035
notify no;
allow-query { 127.0.0.1; >your network%lt; };
allow-transfer { none; };
allow-update { none; };
};
//
// Do any local configuration here
//
key “rndc-key” {
algorithm hmac-md5;
secret “!your secret!”;
};
controls {
inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { “rndc-key”; };
};
// Consider adding the 1918 zones here, if they are not used in your
// organization
// include “/etc/bind/zones.rfc1918″;
// prime the server with knowledge of the root servers
zone “.” {
type hint;
file “db.root”;
};
3. edit /opt/etc/named/rndc.conf:
# Start of rndc.conf
key “rndc-key” {
algorithm hmac-md5;
secret “!your secret!”;
};
options {
default-key “rndc-key”;
default-server 127.0.0.1;
default-port 953;
};
4. grep yourself a recent copy of the root zone file and put it as db.root in /opt/var/named
5. add your own forward and reverse zones
6. i use forward zones to get the right ip addresses of my vpn connections…
zone “dmz.somewhere.com” {
type forward;
forwarders { !vpn nameservers! };
};
7. don’t forget to enable bind startup script in autorun.sh
Hint: The nameserver has no effect on hibernation!