
7. Setting Up BIND

7.1 Starting BIND

Since using the Sentry Firewall CD as a DNS server as well as a router or firewall has proven to be a popular choice, I am including some basic information on using BIND. Note that, except for minor variations in where the configuration and zone files are located, starting and stopping the daemon and the general configuration of BIND should not vary much from other Linux systems.

Currently, BIND version 9 is the primary DNS daemon available on the CD. Several of the branches, however, will still contain a statically linked BIND 8 for your use as well. Note, however, that BIND 8 will eventually be deprecated and removed from the CD.

In the SENTRYCD branch one can start the server by running "/etc/rc.d/rc.named start". You can run this via the command line, or edit rc.inet2 and uncomment the appropriate lines to allow the server to start at boot-time. You would then, of course, need to place the modified rc.inet2 file on a floppy or a remote server and use the 'rc.inet2' directive in your sentry.conf file to declare its location. In short, the rc.named file takes the following arguments:

In the SENTRYCD-DEB branch, one can use the command "/etc/init.d/bind9 start" to start named. The "/etc/init.d/bind9" init script also takes the arguments "stop", "reload", and "restart", all of which are self-explanatory.


7.2 BIND Configuration

Both versions of BIND are run in a chroot environment, located in "/var/chroot/named". The chroot environment generally looks like the following:

 /var/chroot/named/
     +-- dev
     +-- etc
     |    +-- namedb
     |         +-- slave
     +-- var
          +-- log
          +-- run
          +-- named <-- symlink to ../etc/namedb
     +-- usr
          +-- sbin

The named.conf file is located in "/etc" and "/var/chroot/named/etc". The 'named.conf' configuration directive automatically places the named.conf file in both locations. Zone files are generally kept in "/var/chroot/named/etc/namedb" and "/var/chroot/named/etc/namedb/slave". The "usr" and "usr/sbin" directories store the statically linked BIND 8 version of the 'named' and 'named-xfer' binaries, and are not applicable on the SENTRYCD-DEB branch.
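
The layout above can be checked before starting named. The following script is an added example, not part of the Sentry Firewall CD: it verifies the directories, the var/named symlink, and that both named.conf copies match. The function names check_named_chroot and build_sample_chroot are hypothetical, and the sample tree is constructed in a temporary directory so the script runs without a real chroot.

```shell
#!/bin/sh
# Added example: verify a named chroot against the layout described above.
# check_named_chroot and build_sample_chroot are hypothetical helper names.

# check_named_chroot CHROOT OUTER_ETC
# Prints one line per problem; returns 0 only if nothing is wrong.
check_named_chroot() {
    root=$1 outer_etc=$2 bad=0
    # Directories the layout lists (usr/sbin is BIND 8 only, so not required).
    for d in dev etc etc/namedb etc/namedb/slave var var/log var/run; do
        [ -d "$root/$d" ] || { echo "missing directory: $root/$d"; bad=1; }
    done
    # var/named must be a symlink pointing at ../etc/namedb.
    if [ -L "$root/var/named" ]; then
        target=$(readlink "$root/var/named")
        [ "$target" = "../etc/namedb" ] ||
            { echo "var/named points to $target"; bad=1; }
    else
        echo "var/named is not a symlink"; bad=1
    fi
    # named.conf must exist in both places with the same content.
    if [ -f "$outer_etc/named.conf" ] && [ -f "$root/etc/named.conf" ]; then
        cmp -s "$outer_etc/named.conf" "$root/etc/named.conf" ||
            { echo "named.conf copies differ"; bad=1; }
    else
        echo "named.conf missing from $outer_etc or $root/etc"; bad=1
    fi
    return "$bad"
}

# build_sample_chroot BASE: constructed sample tree for an offline run.
build_sample_chroot() {
    base=$1
    mkdir -p "$base/etc" "$base/chroot/dev" "$base/chroot/etc/namedb/slave" \
             "$base/chroot/var/log" "$base/chroot/var/run"
    ln -s ../etc/namedb "$base/chroot/var/named"
    echo '// constructed sample named.conf' > "$base/etc/named.conf"
    cp "$base/etc/named.conf" "$base/chroot/etc/named.conf"
}

demo=$(mktemp -d)
build_sample_chroot "$demo"
check_named_chroot "$demo/chroot" "$demo/etc" && echo "layout OK"
rm -rf "$demo"
```

On a running system the call would be check_named_chroot /var/chroot/named /etc, using the paths given in this section.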


7.3 Links to Other Resources

The following are links to other resources to help you work with and configure the BIND DNS server. Please also feel free to post to the mailing list if you run into any configuration issues specific to the Sentry Firewall CD.


