[Freedombox-discuss] BIND not working, or am I minunderstanding something?

[James Valleroy]

Hello,

On 5/9/21 3:41 PM, A. F. Cano wrote:
> 
> Does BIND (Domain Name Server) require manual configuration on the FreedomBox?

Yes, it does. BIND has a basic default configuration to allow recursive lookup from local clients, to listen on IPv6 also, and to validate DNSSEC. 

Forwarded can be configured, and DNSSEC can be toggled off if needed.

It also creates the folder /var/bind/pri which is meant to hold zone files. However, it does not create any zone files, so those would have to be created manually.

(Also, I am not sure if this is set up correctly. I cannot find any reference to /var/bind/pri in the configuration.)

Note that simply enabling BIND does not cause any clients to actually use 

it. Even the FreedomBox itself will not be using it.

For example, when doing a lookup on my FreedomBox, it is asking the router:

$ dig debian.org
...
;; SERVER: 192.168.1.1#53(192.168.1.1)


However you can specify to use the local BIND instead:

$ dig @127.0.0.1 debian.org
...
;; SERVER: 127.0.0.1#53(127.0.0.1)


To try to get it to use the local BIND by default, I set the DNS Server for "FreedomBox WAN" to 127.0.0.1, and then restarted the FreedomBox.

After restarting:

$ dig debian.org
...
;; SERVER: 127.0.0.1#53(127.0.0.1)


I don't have a 2nd interface for a shared network, so I can't test that. But I assume it may also require some additional configuration.

I hope that answers some of your questions. To answer one more in particular, you should not remove the Network Manager connection. Network Manager needs to have a connection to do anything. Probably 2 connections in your case.

--
James



-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/freedombox-discuss/attachments/20210529/aa7095cc/attachment.sig>