Solaris 10 zone with Bind, setting it up as caching nameserver
Derek Crudgington - dacrud@gmail.com

# zonecfg -z zone1
zone1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:zone1> create
zonecfg:zone1> set zonepath=/zones/zone1
zonecfg:zone1> add net
zonecfg:zone1:net> set physical=e1000g0
zonecfg:zone1:net> set address=192.168.1.201
zonecfg:zone1:net> end
zonecfg:zone1> add inherit-pkg-dir
zonecfg:zone1:inherit-pkg-dir> set dir=/opt
zonecfg:zone1:inherit-pkg-dir> end
zonecfg:zone1> info
zonepath: /zones/zone1
autoboot: false
pool:
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
inherit-pkg-dir:
        dir: /opt
net:
        address: 192.168.1.202
        physical: e1000g0
zonecfg:zone1> verify
zonecfg:zone1> commit
zonecfg:zone1> exit

then I issue:

# zoneadm -z zone1 install
# zoneadm list -vc
  ID NAME             STATUS         PATH
   0 global           running        /
   2 zone1            running        /zones/zone1
   - zone2            configured     /zones/zone2
# zoneadm -z zone1 boot
# ping 192.168.1.201
192.168.1.201 is alive
# df -ah /zones
Filesystem             size   used  avail capacity  Mounted on
/dev/dsk/c0d1s6        4.8G    85M   4.7G     2%    /zones

If you don't have a separate /zones slice, you can use du command to check how much space it took:

# zlogin -C -e\@ zone1
Configure it, then it will reboot.
# zlogin zone1
# svcadm disable application/print/cleanup:default
Disable all application/print services.
# svcadm disable network/nfs/rquota:default
Disable all network/nfs services.
Disable network/telnet, finger, rlogin, shell, smtp, ftp, etc.
Disable snmpd, dtlogin, dmispd through the appropriate /etc/rcX.d directories.
Disable the X11 font server xfs.

To set up the DNS server, we need network/dns/server:default and network/dns/client:default running through svcadm, so:

# svcs -a | grep dns
If they are off, turn them on.

Edit named.conf

# mkdir /var/named

Create dns files

/etc/named.conf
---
// STEPTX BIND9 CONFIG FILE, derek@steptx.org

options {
        // tell named where to find files mentioned below
        directory "/var/named";
        // on a multi-homed host, you might want to tell named
        // to listen for queries only on certain interfaces
        listen-on { 127.0.0.1; 192.168.1.201; };
};

// The single dot (.) is the root of all DNS namespace, so
// this zone tells named where to start looking for any
// name on the Internet
zone "." IN {
        // a hint type means that we've got to look elsewhere
        // for authoritative information
        type hint;
        file "named.root";
};

// Where the localhost hostname is defined
zone "localhost" IN {
        // a master type means that this server needn't look
        // anywhere else for information; the localhost buck
        // stops here.
        type master;
        file "zone.localhost";
        // don't allow dynamic DNS clients to update info
        // about the localhost zone
        allow-update { none; };
};

// Where the 127.0.0.0 network is defined
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "revp.127.0.0";
        allow-update { none; };
};

in /var/named:

named.root needs to go in here, get this file from ftp://ftp.internic.net/domain/named.root

zone.localhost:

;loopback/localhost zone file
;
$TTL 1D
$ORIGIN localhost.
@       IN      SOA     @ root (
                        1       ; Serial
                        8H      ; Refresh
                        15M     ; Retry
                        1W      ; Expire
                        1D)     ; Minimum TTL
        IN      NS      @
        IN      A       127.0.0.1

revp.127.0.0 file:

; reverse pointers for localhost
;
$TTL 1D
$ORIGIN 0.0.127.in-addr.arpa.
@       IN      SOA     localhost. root.localhost. (
                        1       ; serial
                        8H      ; refresh
                        15M     ; retry
                        1W      ; expire
                        1D )    ; minimum
        IN      NS      localhost.
1       IN      PTR     localhost.

# /usr/sbin/named

I also had some problems with bind taking too long to resolve a name, so then I started it with only IPv4 support (named -4) and it fixed it.
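
The named.conf above sets no allow-query or allow-recursion, so which clients may use the cache is left to the BIND version's defaults (releases before 9.4 answered recursive queries from any address). The options block below is an added example, not part of the original write-up, that restricts the resolver to known clients; the ACL name "trusted" and the 192.168.1.0/24 client network are assumptions, since the page only gives the zone's own address.

```conf
// Added example: options for a caching-only resolver limited to known clients.
// ASSUMPTIONS: the ACL name "trusted" and the 192.168.1.0/24 network are
// placeholders; replace them with the networks that should use this cache.
acl "trusted" {
        127.0.0.1;
        192.168.1.0/24;
};

options {
        directory "/var/named";
        listen-on { 127.0.0.1; 192.168.1.201; };

        // Without the two statements below, older BIND 9 releases resolve
        // names for any host that can reach 192.168.1.201 on port 53
        // (an open resolver, usable for cache probing and reflection).
        recursion yes;
        allow-query     { trusted; };
        allow-recursion { trusted; };

        // A caching-only server has no zone data that anyone needs to transfer.
        allow-transfer { none; };

        // Do not report the BIND version in answers to version.bind queries.
        version "none";
};
```

Run named-checkconf against /etc/named.conf after editing and before restarting named; the acl statement has to appear before the options block that references it.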