KLUG Meeting Minutes and Agenda (#35)

The 35th meeting of the Kingston Linux User Group was held Wed, Sept 5, 2001 at 7PM at RMC. The meeting lasted until about 9:30 PM.

The attendees were:

Chirinian, Greg
Conrad-Avarmaa, Brigitte
Drummond, Mark
Healy, Art
Mitton, Doug
Murrel, Brian J.
Paul, Derek
Szafranski, Mike

Meeting Schedule:

36 - Mon. Oct. 1 at RMC. "Network Services 2"
37 - Wed. Nov. 7 at RMC. "System & Network Security I"
38 - Mon. Dec. 3 at RMC. "System & Network Security II"

Summary Of Activities:

- Web page and domain
  - http://www.klug.on.ca/
  - Hosted by Internet Kingston! (Thanks!)
  - We also have klug.ca registered but it is not yet activated.
- Mailing List
  - http://www.klug.on.ca
  - Or send an email with "subscribe klug-general" in the body to majordomo@klug.on.ca
  - or "subscribe klug-security" in the body to majordomo@klug.on.ca
- Usenet Group
  - kingston.os.linux (General, not just KLUG)

Agenda/Minutes:

1) Roll Call and Introductions (if required)
- See attendees above.

2) This Meeting:

First off, due to a room problem we ended up moving to G223 about 7:20, I hope no one missed us. Also, we had 2 new attendees BUT once again we didn't do our introductions, sorry to Brian and Greg. All I can say is don't be shy, join in.

There were 8 attendees to our 24th presentation "Network Services 1" by Mark Drummond. This turned out to be completely devoted to setting up a DNS server, a continuation of the previous 2 demonstration meetings where this task was not completed.

First, Mark explained the upside-down tree structure of the "Domain Name [Resolution] Service" and how it starts with a "." or root and proceeds through the various top-level domains including .com, .edu, .net, .ca, etc. and terminates at some specific host such as klug.on.ca. The DNS provides a hostname-to-IP mapping that is required to use names such as klug.on.ca instead of IP addresses like 205.189.48.20.

Mark explained that this example was going to be for a simple home system with computers on an internal intranet and a gateway/firewall/NAT connection to the internet. This setup would be locally authoritative for intranet, caching for external and then resolve externally. Also, it would use the standard (at least on Linux) BIND package which should be available in all distributions.

Mark then proceeded to edit the /etc/named.conf file and create and edit the required files in the /var/named/ directory. There was not that much: a file for root cache (db.cache), a file for local resolution (db.127.0.0) and 2 files for intranet forward and reverse resolution (db.100acrewood and db.192.168.1). These last 2 are the only ones you would have to change for your home network. We then used the "ndc start" command to start named, then the "dig" command to verify that it was working.

Mark also mentioned a few web-based lookup sites for manual use: www.allwhois.com, www.arin.net, www.apnic.net and www.ripe.net. Mark also suggested obtaining the "DNS HowTo" for more details on the various options that he touched on briefly. The How-To can be found in various forms by searching any of the standard Linux home pages such as linux.com, .net and .org.

I implemented this on my gateway machine a couple of days after the meeting. I grabbed a copy of the text-based How-To (I like it printed out and sitting beside me while I work at it) and set to work along with the notes I took at the presentation. The only area of confusion, and Mark did mention this, is that there are some differences in the naming convention for the files in /var/named/ and in the /etc/named.conf file between various authors. The content and layout are the same but the actual file names are not. As long as you are consistent it will work. One of the differences was the How-To talked about the /var/named/root.cache file where Mark's convention called it /var/named/db.cache, no problem but just an observation.
I used Mark's naming convention, by the way.

I also made one other change. When you start named, by default it runs the DNS service on ALL network interfaces, in my case intranet and internet. Since I only wanted it for my intranet I added the following line to the "options" section of "/etc/named.conf":

    listen-on { 192.168.10.1; };

This seems to limit it to my intranet and has no ill effects in the 4 days I've been using it.

Thanks to Mark and all who attended and participated.

3) Next Meeting: Mon, Oct. 1 at RMC. "Network Services 2"
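
The home DNS setup described under item 2, written out as an added example; it is not the file Mark edited at the meeting or the minute-taker's own named.conf. Assumptions: the zone names are inferred from the file names, the 192.168.10.0/24 range and the db.192.168.10 reverse file name are derived from the listen-on address, and the acl, the allow-* lines and the 127.0.0.1 listener are additions that go beyond what was presented.

```conf
// /etc/named.conf: constructed example for the intranet-only server
// described in the minutes. Names and ranges marked "assumed" are not
// from the minutes.

// Assumed: the intranet is 192.168.10.0/24 (only 192.168.10.1 is given).
acl "intranet" { 127.0.0.1; 192.168.10.0/24; };

options {
    directory "/var/named";

    // Bind only to the intranet address (from the minutes) so named does
    // not listen on the Internet-facing interface. 127.0.0.1 is added on
    // the assumption that the gateway resolves through its own named.
    listen-on { 127.0.0.1; 192.168.10.1; };

    // listen-on controls where queries are accepted; these control who
    // is served, so a later interface change does not create an open
    // resolver.
    allow-query     { "intranet"; };
    allow-recursion { "intranet"; };
    allow-transfer  { none; };
};

// Root hints: starting point for resolving external names (caching role).
zone "." {
    type hint;
    file "db.cache";
};

// Local (loopback) reverse resolution.
zone "0.0.127.in-addr.arpa" {
    type master;
    file "db.127.0.0";
};

// Intranet forward zone, locally authoritative. Zone name assumed from
// the file name db.100acrewood.
zone "100acrewood" {
    type master;
    file "db.100acrewood";
};

// Intranet reverse zone. Mark's example used db.192.168.1; the file name
// here is adapted (assumed) to the 192.168.10.x network.
zone "10.168.192.in-addr.arpa" {
    type master;
    file "db.192.168.10";
};
```

After restarting named, a "dig" query sent to the gateway's external address should get no answer, while "dig @192.168.10.1" from an intranet host still resolves.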