From Nuclear Physics Group Documentation Pages
Revision as of 21:52, 27 February 2016 by Maurik (talk | contribs) (→‎Named serves DNS records)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Named serves DNS records

Named is the deamon that provides DNS services. It runs on jalapeno, and lentil , where jalapeno is the master and lentil is the slave . These DNS services are only accessible on the backend network: for jalapeno. on the "peers" group, i.e. the backend and the UNH network.

The configuration for DNS is in /etc/named.conf The entries for the DNS are on jalapeno in /var/named/
After making any edits, make sure you reload the tables: /etc/init.d/named reload

Note that to make use of jalapeno as a name server, the resolve.conf of the node has to have come first. The UNH name servers will return the for anything * and thus give the wrong address for *

Configuration information for named i.e. BIND is found here:

There is STILL a problem with the UNH network and the forwarding request reaching servers. On September 16 2014 this completely stopped working.


See: Seems our system was used in a DDOS attack on Feb 22, 2016 This was set wide open. Seems Aaron’s legacy, still had Xemed and “9green”, “sunsetlabs” etc in it, but commented out. I now restricted query, transfer and recursion to “peers”: local systems and the farm.


Comments below were for the old configuration. This is no longer the case.

Named used to run on Jalapeño and tomato, but it no longer runs on tomato. The alternate system is now lentil.

Named (Bind) Configuration

We run named in a "chroot jail" for safety. The jail is in /var/named/chroot. See Chroot-BIND-HOWTO. The chroot directory does NOT need a "proc", which messes up backups of "var". "dev" also messes up the backups, but I'm unsure about whether this is actually necessary.