9.1.2.1. Procedure – Configuring BIND with ZMC
Add the
Text editor
as a new component.Select a template to be used with the Text Editor.
Select one of the first two templates depending on whether your want a split DNS configuration or not.
Click
.Configure the basic settings in the opening window.
Provide the
name.This parameter simply specifies a label for the component that appears in the components pane.
Specify
.This parameter defines where the outgoing name resolution requests originate on the firewall.
Note Prior to BIND 8.1 the source port was 53 (just like the destination port), but since then BIND uses a port from the dynamic range, 5300 by default.
This might be important in back-to-back firewall configurations where there is another firewall in front of this instance of Zorp. To allow outgoing DNS requests, the front firewall must know the source port used by the BIND service.
Besides supplying an alternate port number, you can supply a fixed IP address of Zorp if it has more than one in the required direction. If this setting is not relevant in your network environment, choose the IP address of the outside interface.
Define
.In a Zorp installation, BIND is usually configured as a forward-only nameserver. If you configure a forwarder, BIND does not resolve names recursively on the Internet, but instead it forwards all name resolution requests to the DNS server specified as the forwarder.
After entering values for these parameters the first round of BIND configuration is ready, a functional forward-only nameserver is in place.
To permit access to the BIND service, enable the
dns
local service. If you plan to host zone database information on the Zorp Gateway, enable thedns-zonetrans
local service as well. See Section 9.4, Local services on Zorp for details.Note If you use zone transfer, be careful with selecting which zones you accept zone transfer requests from.
Published on May 30, 2024
© BalaSys IT Ltd.
Send your comments to support@balasys.hu