Help - Search - Members - Calendar
Full Version: Closing DNS Server
The Planet Forums > System Administration > DNS Hosting
SwedBear
Feb 20 2007, 07:15 AM
While doing some routine checks at dnsreport for my domain I realized that it was reporting my nameservers, which are on my main machine (I plan on using one from theplanet as secondary soon) as Open and thus failing the Open DNS Server test.

It suggested a fix for bind:

"Open named.conf with a text editor
Use a line "recursion no;" in the "options" clause (or in the "view" clause)
If you need to enable recursion for your local network, you can use a "allow-recursion { ADD_LIST_OF_YOUR_IP_RANGES_HERE; }" line in the "options" section. "

I also found this thread in the Ensim forum: http://forums.theplanet.com/index.php?showtopic=85643 where it said that I should edit a file in /etc/bind/ .

However - the folder /bind/ does not exist on my server. I use CPanel, not ensim. Is that the reason? Should I edit the named.conf file with the same lines like was mentioned in the other thread (xxx being the two ip's to my nameservers):

options {
directory "/var/named";
version "DNS";
allow-recursion { 127.0.0.1; xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; };
listen-on { 127.0.0.1; xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; };
}

or should I only use

options {
recursion no;
allow-recursion { 127.0.0.1; xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; };
}

I don't want to break anything so I just wanted to check with you guys.

Thanks in advance.

/Björn
skeeter1jd
Feb 20 2007, 07:31 AM
Either way works. Just be aware that although that warning is there, it's benign. It's not mission critical.
SwedBear
Feb 21 2007, 03:21 AM
QUOTE (skeeter1jd @ Feb 20 2007, 08:31 AM) *
Either way works. Just be aware that although that warning is there, it's benign. It's not mission critical.


Thanks! i guessed it wasn't to critical since everything has worked fine until now but since it did fail me and suggest you close the DNS--server I thought I might as well get it done. And so far it seems to have not broken anything icon_smile.gif. So thanks for the quick reply!

/B
craigmack
Feb 28 2007, 10:40 PM
I closed my dns using the following between the option {} adding recursion no; it closed the dns however i wasn't able to use wget or ping until i took it out, i also added this allow-recursion { 127.0.0.1; xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; }; and still couldn't use ping or wget, am i missing something?

P.S. the xxx.xxx.xxx.xxx was replaced by my nameserver ips
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.