Bind: Difference between revisions
No edit summary |
|||
| Line 35: | Line 35: | ||
# directory "/var/named"; | # directory "/var/named"; | ||
}; | }; | ||
</pre> | |||
For an internet nameserver add: | |||
<pre> | |||
allow-recursion { recursehosts; }; | |||
allow-query-cache { recursehosts; }; | |||
</pre> | </pre> | ||
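Review bot: The added statements reference an acl named `recursehosts`, but no `acl` definition appears in the part of the revision visible here, and named rejects a configuration that refers to an undefined acl. The snippet is also placed after the closing `};` of the options block, although both statements belong inside it. The text should say so, for example `Add inside options { ... }; define acl recursehosts { <trusted-client-networks>; }; above the options block`. It is also worth one sentence on the purpose: limiting recursion and cache access to known clients keeps an internet-reachable server from answering as an open resolver.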
Revision as of 11:01, 10 June 2013
Configuration
named.conf.options
// Global options block for named.
options {
// Working directory; relative paths such as "soa/tripnet.int" in the zone
// statements are resolved against it.
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// (The block below is already uncommented and filled in with two forwarder
// addresses; the instruction above is left over from the stock file.)
forwarders {
213.75.63.36;
213.75.63.70;
};
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
# Turned off because most DNSSEC secured zones are incorrectly configured. This leads to flooding of the syslog with (no valid RRSIG) errors
// NOTE(review): commenting the line out leaves the installed BIND release's
// built-in default in force rather than explicitly disabling validation; state
// the intended value explicitly so behaviour does not change on upgrade.
// NOTE(review): without validation, answers relayed by the forwarders are
// accepted with no signature check, so tampered data for signed zones goes
// undetected. "no valid RRSIG" messages are often caused by forwarders that do
// not return DNSSEC records -- presumably worth checking the two forwarders
// above before attributing the errors to the zones.
# dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
# Turned off because KPN doesn't support ipv6. This leads to flooding of the syslog with (network unreachable) errors
# listen-on-v6 { any; };
# Not needed because Debian default directory is now linked to /var/named by hand
# directory "/var/named";
};
For an internet nameserver add:
// Both statements belong inside the options { ... } block shown above.
// "recursehosts" must be an acl defined elsewhere in named.conf; its definition
// is not shown on this page, and named will not load a configuration that
// references an undefined acl.
// Limiting recursion and cache access to known clients keeps an
// internet-reachable server from answering as an open resolver.
allow-recursion { recursehosts; };
allow-query-cache { recursehosts; };
named.conf.local
//
// Do any local configuration here
//
// This file declares the forward zones under tripnet.int and the matching
// reverse zones; every zone is served as master from a file under soa/ or rev/.
// NOTE(review): no allow-transfer statement appears here or in the options
// block on this page. BIND releases of this period permit zone transfers to any
// client unless restricted -- confirm for the installed version and limit
// transfers to the secondary name servers, since these zones list internal
// host names and addresses.
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "ops.tripnet.int" in {
type master;
file "soa/ops.tripnet.int";
notify yes;
};
zone "net.tripnet.int" in {
type master;
file "soa/net.tripnet.int";
notify yes;
};
zone "internal.tripnet.int" in {
type master;
file "soa/internal.tripnet.int";
notify yes;
// Dynamic updates are accepted from the built-in "localhost" acl, i.e. from
// any process on this server, with no key required.
// NOTE(review): a TSIG-keyed rule (allow-update { key <key-name>; }; or an
// update-policy) ties updates to a secret instead of a source address --
// confirm which local service sends the updates and key it.
allow-update {localhost;};
};
zone "tripnet.int" in {
type master;
file "soa/tripnet.int";
notify yes;
};
// Reverse zone for 10.0.0.0/24.
zone "0.0.10.in-addr.arpa" in {
type master;
file "rev/10.0.0.rev";
notify yes;
};
// Reverse zone for 127.0.0.0/24; the only zone here without "notify yes".
zone "0.0.127.in-addr.arpa" in {
type master;
file "rev/localhost.rev";
};
// Reverse zone for 192.168.0.0/24.
zone "0.168.192.in-addr.arpa" in {
type master;
file "rev/192.168.0.rev";
notify yes;
};
// Reverse zone for 192.168.1.0/24.
zone "1.168.192.in-addr.arpa" in {
type master;
file "rev/192.168.1.rev";
notify yes;
// Address-based dynamic-update rule, same as for internal.tripnet.int:
// any local process may update this zone without a key.
allow-update {localhost;};
};
// Reverse zone for 192.168.100.0/24.
zone "100.168.192.in-addr.arpa" in {
type master;
file "rev/192.168.100.rev";
notify yes;
// Address-based dynamic-update rule, same as for internal.tripnet.int:
// any local process may update this zone without a key.
allow-update {localhost;};
};
example /var/named/soa/internal.tripnet.int
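; Zone data for internal.tripnet.int (loaded as soa/internal.tripnet.int).
; Records written without an owner name inherit the previous owner (the zone
; apex "@" here) and must begin with whitespace; at column 0 the first token
; would be read as a host name. The leading tabs below restore that.
@ IN SOA router.tripnet.int. root.router.tripnet.int. (
	2001072027 ; serial, todays date + todays serial
	10800 ; refresh
	3600 ; retry
	604800 ; expire
	86400 ) ; minimum TTL
;
; Name servers and mail exchanger for the zone apex.
	IN NS router.tripnet.int.
	IN NS tripserv.tripnet.int.
	IN MX 10 router.tripnet.int.
;
; Local network, IP 192.168., netmask 255.255.255.0
;
; Host records; the number after the name is a per-record TTL of 10 seconds.
lindy 10 IN A 192.168.0.20 ;Cl=3
marylene 10 IN A 192.168.0.21 ;Cl=3
amber 10 IN A 192.168.0.22 ;Cl=3
yvette 10 IN A 192.168.0.23 ;Cl=3
crystel 10 IN A 192.168.0.24 ;Cl=3
treske 10 IN A 192.168.0.25 ;Cl=3
sharon 10 IN A 192.168.0.26 ;Cl=3
serena 10 IN A 192.168.0.27 ;Cl=3
treske-ii 10 IN A 192.168.0.28 ;Cl=3
catherine 10 IN A 192.168.0.29 ;Cl=3
marjolein 10 IN A 192.168.0.30 ;Cl=3
maggotbox 10 IN A 192.168.0.31 ;Cl=3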
example /var/named/rev/192.168.0.rev
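; Reverse zone data for 192.168.0.0/24 (loaded as rev/192.168.0.rev).
; Records written without an owner name inherit the previous owner (the zone
; apex here) and must begin with whitespace; at column 0 the first token would
; be read as a name. The leading tabs below restore that.
0.168.192.in-addr.arpa. IN SOA router.tripnet.int. root.router.tripnet.int. (
	2002083046 ; serial
	8H ; refresh
	2H ; retry
	1W ; expire
	1D ; minimum
	)
; Name servers and mail exchanger for the zone apex.
	IN NS router.tripnet.int.
	IN NS tripserv.tripnet.int.
	IN MX 10 router.tripnet.int.
; PTR records: the owner is the last octet of the address in 192.168.0.0/24.
1 IN PTR router.ops.tripnet.int.
2 IN PTR tripserv.ops.tripnet.int.
3 IN PTR tripevo.ops.tripnet.int.
4 IN PTR tripdev.ops.tripnet.int.
5 IN PTR tripraid.ops.tripnet.int.
6 IN PTR tripbook.ops.tripnet.int.
8 IN PTR tripenclosure.ops.tripnet.int.
9 IN PTR soap.tripnet.int.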
Adding a new domain
New Domain: www.domain.com
212.61.33.42
Add the following in /etc/bind/named.conf.db
// Master zone declaration for the new domain; the file path is relative to the
// directory set in the options block.
// NOTE(review): no allow-transfer is set for this zone on this page -- confirm
// that transfers are limited to the intended secondary.
zone "domain.com" in {
type master;
file "soa/domain.com";
notify yes;
};
Add the following in /var/named/soa/domain.com
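; Zone data for domain.com (loaded as soa/domain.com).
; Records written without an owner name inherit the previous owner (the zone
; apex "@" here) and must begin with whitespace; at column 0 the first token
; would be read as a host name. The leading tabs below restore that.
@ IN SOA ns1.euhost.nl. root.ns1.euhost.nl. (
	2011103102 ; serial FORMAT: YYYYMMDDXX
	14800 ; refresh
	3600 ; retry
	604800 ; expire
	86400 ; minimum
	)
; Name servers, mail exchanger and address for the zone apex.
	IN NS ns1.euhost.nl.
	IN NS ns2.euhost.nl.
	IN MX 10 mail.tripany.com.
	IN A 188.204.140.195
; Standard
; NOTE(review): the "localhost" label resolves to the same public address as
; www and ftp; confirm that is intended, or drop the record.
localhost IN A 188.204.140.195
www IN A 188.204.140.195
ftp IN A 188.204.140.195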
# Log in to the second name server (ns2) to declare the zone there as well.
ssh -l USERNAME ns2.euhost.nl
Add the following in /etc/bind/named.conf.db
// NOTE(review): this repeats the master declaration on ns2. The page does not
// show how soa/domain.com gets onto ns2; confirm whether ns2 is meant to hold
// its own copy of the file or should be a slave zone pulling from the primary.
zone "domain.com" in {
type master;
file "soa/domain.com";
notify yes;
};
# Reload named's configuration and zones, then follow /var/log/messages
# (presumably to watch named's load messages for the new zone).
# Running named-checkconf and named-checkzone on the new zone file first
# catches syntax errors before the reload is attempted.
rndc reload;tail -f /var/log/messages
Quit the SSH back to 212.61.33.42
Again: rndc reload;tail -f /var/log/messages