BIND -listen on?

[CompCrasher]

[mdk9.2;BIND 9.2.3]
Mam problemy s BINDem. Ze serveru resolvuji jmeno v pohode:
# host david.x.com
david.x.com has address 192.168.x.x
# netstat -l -n --program | grep named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:32772 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*


, ale z jineho pc uz je to horsi.. At se snazim, jak se snazim, tak se na DNSko z jineho pc nedostanu... Ani telnetem na port 953... Tady jsou resolv.conf a named.conf

Kód:

 named.conf
 controls {
       inet 127.0.0.1 port 953
               allow { 127.0.0.1; } keys { mykey; };
 };

options {
        directory "/var/named/";
        pid-file "/var/run/named/named.pid";              
        auth-nxdomain yes;
        listen-on {

        0.0.0.0;
        127.0.0.1;
                };
};

zone "." {
        type hint;
        file "named.ca";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
};

zone "wifistar.com" {
        type master;
        file "wifistar.zone";
        allow-update { key mykey; };
};

zone "2.168.192.in-addr.arpa" {
        type master;
        file "wifistar.reversed";
        allow-update { key mykey; };
};

Kód:

resolv.conf
nameserver 127.0.0.1

[KUBA]

Mas ty soubory zon ulozeny ve spravny ceste? Co znamena ta cast controls {...}?

PS: mel bys tam mit taky zonu localhost, myslim, ze to je v nejaky RFC..

[Fox!MURDER]

ti ten bind neposloucha na UDP 0.0.0.0:53 mi prijde (resp. posloucha na UDP Portu 53 jen na 127.0.0.1 a tam se k nemu krom lokalu nic nedostane)

[Rainbow]

listen-on 0.0.0.0 je co za blbost? Tam sa ma zadat IPcka interface, na ktorom to pocuva. Ja to mam takto:

Kód:

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
//      query-source address 10.2.20.2 port 53;
        query-source address 10.2.40.234 port 53;

        forward only;
        forwarders {
                213.215.74.100;
                195.12.128.1;
                195.168.1.2;
        };

        listen-on {
                127.0.0.1;
                192.168.0.1;
        };
        interface-interval 0;
        cleaning-interval 0;

[CompCrasher]

listen-on 0.0.0.0 je co za blbost? Tam sa ma zadat IPcka interface, na ktorom to pocuva. Ja to mam takto:

Kód:

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
//      query-source address 10.2.20.2 port 53;
        query-source address 10.2.40.234 port 53;

        forward only;
        forwarders {
                213.215.74.100;
                195.12.128.1;
                195.168.1.2;
        };

        listen-on {
                127.0.0.1;
                192.168.0.1;
        };
        interface-interval 0;
        cleaning-interval 0;

Mno ja myslim ze to nejni blbost, (0.0.0.0 nahradi 192.168.1.1 a 192.168.2.1) .... Jinak to celou dobu fungovalo, ten timeout to v tom woknoidnim systemu psalo protoze nslookup chtel nejaky info o mym DNSku (nevim proc to nejde, ale na funkcnosti to neskodi) ... I kdyz to povolim "auth-nxdomain yes", tak nic ....

btw- neprislo mi nic o novem reply, takze se omlouvam ze pisu tak pozde... stejne dik!