OPNsense Forum

English Forums => General Discussion => Topic started by: tazmo on December 29, 2020, 08:06:03 pm

Title: anyone willing to share a working BIND/named config from os-bind?
Post by: tazmo on December 29, 2020, 08:06:03 pm

Well I thought I understood BIND/named having set it up on pfsense but apparently I don't. I am have spent ALL DAY trying to get the os-bind on opnsense working to no avail.

All I want is to have bind answer as the SOA for one small subnet (about 60 IPs). I have recursion turned OFF but named insists on using the root NSs and according to dig, won't answer as a SOA even though opnsense puts a SOA record in that zone!!!! (ARRRRG!!!) dig is being run from localhost and localhost is in my acl. All named-checkconf and named-checkzone files "check out". 

Does anyone have a working example of a working named.conf with one forward and one reverse zone generated by Opnsense they'd be willing to share?

The problem is the example I do have from "the other guy" uses views - which opnsense doesn't have - so it must be throwing me???? I shouldn't need views and other advanced features for a setup this simple...

Unfortunately I need an authoritative nameserver for other internal services, plus would like DNSBL and the ability to have the BIND config saved with the opnsense system configuration in XML format for easy restore, otherwise I would pkg remove os-bind and pkg install bind916 to config it by hand.

Any assistance would be greatly appreciated.

Thanks,
Bob

Title: Re: anyone willing to share a working BIND/named config from os-bind?
Post by: tazmo on December 29, 2020, 08:10:20 pm

sorry... one follow-up... it doesn't respond as a SOA with recursion ON either, or when dig is run from the LAN (as allowed by the ACL).

Bob

Title: Re: anyone willing to share a working BIND/named config from os-bind?
Post by: mimugmail on December 29, 2020, 08:42:56 pm

Forward zones are mit supported yet. Can you post the content of your Reverse zone?

Title: Re: anyone willing to share a working BIND/named config from os-bind?
Post by: tazmo on December 30, 2020, 06:20:15 pm

After more time, I think I got it.

Yes, the os-bind package could use some work... if I get my infrastructure rework complete, I may contribute if the project would be open to it. I'll check the dev docs and contrib agreements. Might be a while though. It seems like there's potential to be much better than the "other guy".

But thanks for the response.... much appreciated.

Bob

Title: Re: anyone willing to share a working BIND/named config from os-bind?
Post by: mimugmail on December 30, 2020, 06:53:31 pm

https://www.routerperformance.net/opnsense/plugin-development/

Title: Re: anyone willing to share a working BIND/named config from os-bind?
Post by: tazmo on December 30, 2020, 07:28:41 pm

Great blog entries!  :)

Thx.

Title: Re: anyone willing to share a working BIND/named config from os-bind?
Post by: rancorm on March 12, 2021, 04:00:33 pm

This is how I have my internal zone configured with OPNsense BIND plugin (os-bind). Internal and reverse zones.

https://cormier.co/post/opnsense-bind-plugin-configuration/ (https://cormier.co/post/opnsense-bind-plugin-configuration/)