ispCP - Board - Support
DHCP3 - Lenny Update - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: System Setup & Installation (/forum-32.html)
+--- Thread: DHCP3 - Lenny Update (/thread-7672.html)



DHCP3 - Lenny Update - momo - 08-28-2009 01:40 AM

Hi everybody,

I had this problem with /etc/resolv.conf
I don't know if it is ispCP concern, but after updating recent dhcp3, resolv.conf only had this line
Code:
nameserver 127.0.0.1

I have finally replaced this line with
Code:
nameserver x.x.x.200
nameserver x.x.x.202
from my dedicated server supplier.

Is it ok to only put these in /etc/resolv.conf ?

Any help would be appreciated.


RE: DHCP3 - Lenny Update - kilburn - 08-28-2009 01:44 AM

It is ok as long as you are not trying to use "fake" domains to test the panel. Otherwise, keep the "nameserver 127.0.0.1" line and just let the ispcp-configured bind server take care of all the local DNS queries.


RE: DHCP3 - Lenny Update - momo - 08-28-2009 01:50 AM

Whenever I put
Code:
nameserver 127.0.0.1
in /etc/resolf.conf
/var/log/mail.log says
Code:
NOQUEUE: reject: RCPT from unknown
disconnect from unknown
connect from unknown

When I remove it,
Code:
connect from smtp3.globetrotter.net
etc

Can I just not put 127.0.0.1 ?
Is this normal ?


RE: DHCP3 - Lenny Update - kilburn - 08-28-2009 04:24 AM

Do you have bind running correctly?


RE: DHCP3 - Lenny Update - momo - 08-28-2009 04:33 AM

Thanks for helping me.
Thats a good question... (eek!)

The only thing I know is that I have commented this line in /etc/bind/named.conf
Code:
#include "/etc/bind/vhcs.conf";
and that I have followed this http://www.isp-control.net/documentation/doku.php?id=howto:security:make_ispcp_more_secure
10.) Securing Open DNS server (BIND 9)
(These edit were a while ago)

It looks like it works.
After editing/testing with /etc/resolv.conf I never restarted bind...?


RE: DHCP3 - Lenny Update - kilburn - 08-28-2009 06:04 AM

Quote:and that I have followed this http://www.isp-control.net/documentation...ore_secure
10.) Securing Open DNS server (BIND 9)

Gotha! Replace the "recursion no" directive you've put in /etc/bind/named.conf.options by:
Code:
allow-recursion { localnets; };

"recursion no" prevents the server of properly acting as a resolver, even for itself. With my new proposal, it will act as a resolver, but only the IP's of your server (which is good).


RE: DHCP3 - Lenny Update - momo - 08-28-2009 08:25 AM

Wo!!! Can't wait to try this later tonight, when everyboby sleeps (hihihi)

I will tell you how it went.


RE: DHCP3 - Lenny Update - momo - 08-28-2009 01:34 PM

YES!

I drink to you.

Feels like good old fine smooth (for now) server again.

Thanks for updating the howto too.