bind:setup_bind9
This is an old revision of the document!
Bind - Setup Bind9
- /etc/bind/named.conf
// This is the primary configuration file for the BIND DNS server named. // // Please read /usr/share/doc/bind9/README.Debian.gz for information on the // structure of BIND configuration files in Debian, *BEFORE* you customize // this configuration file. // // If you are just adding zones, please do that in /etc/bind/named.conf.local include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; #include "/etc/bind/named.conf.default-zones";
- /etc/bind/named.conf.options
acl "trusted" { 192.168.1.0/24; localhost; localnets; }; options { directory "/var/cache/bind"; // version statement - inhibited for security // (avoids hacking any known weaknesses) version "ShareWiz DNS"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. // forwarders { // 0.0.0.0; // }; forwarders { // Sure Public DNS 83.137.248.244; 93.187.151.197; // Google Public DNS //8.8.8.8; //8.8.4.4; // OpenDNS //208.67.222.222; //208.67.220.220; }; //======================================================================== // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys //======================================================================== #dnssec-validation auto; dnssec-enable no; dnssec-validation no; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; allow-query { any; }; allow-transfer { trusted; }; allow-recursion { trusted; }; };
- /etc/bind/named.conf.local
// // Do any local configuration here // acl slaves { // 195.234.42.0/24; // XName // 193.218.105.144/28; // XName // 193.24.212.232/29; // XName 212.227.123.29; // 1&1 slv2.1and1.co.uk }; acl internals { 192.168.1.0/24; 127.0.0.0/8; }; view "internal" { match-clients { internals; }; recursion yes; zone "sharewiz.net" { type master; file "/etc/bind/internals/db.sharewiz.net"; allow-update { none; }; }; // zone "drdizzy.com" { // type master; // file "/etc/bind/internals/db.drdizzy.com"; // allow-update { none; }; // }; # Set zone for reverse zone "1.168.192.in-addr.arpa" { type master; file "/etc/bind/internals/1.168.192.db"; allow-update { none; }; }; include "/etc/bind/named.conf.default-zones"; }; view "external" { match-clients { any; }; allow-query { any; }; recursion no; zone "sharewiz.net" { type master; file "/etc/bind/externals/db.sharewiz.net"; allow-transfer { slaves; }; allow-update { none; }; }; // zone "drdizzy.com" { // type master; // file "/etc/bind/externals/db.drdizzy.com"; // allow-transfer { slaves; }; // allow-update { none; }; // }; # Set zone for reverse. zone "35.134.42.5.in-addr.arpa" { type master; file "/etc/bind/externals/35.134.42.5.db"; allow-update { none; }; }; };
bind/setup_bind9.1467499902.txt.gz ยท Last modified: 2020/07/15 09:30 (external edit)