Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
BIND9 Configuration Guidance
#1

I am currently setting up a DNS server for several domains that i own and i would like some input from you all on my configuration options, etc. The domains have been replaced by example.com example1.com and example2.com.

 

Okay, first my options file:



Code:
options {
    directory "/etc/bind";
    allow-query { localhost; };
    allow-recursion { 127.0.0.1; };
    listen-on { <IP of Server>; };
    allow-transfer { none; };
    auth-nxdomain yes;

};




 

named.conf:



Code:
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

// From the release notes:
//  Because many of our users are uncomfortable receiving undelegated answers
//  from root or top level domains, other than a few for whom that behaviour
//  has been trusted and expected for quite some length of time, we have now
//  introduced the "root-delegations-only" feature which applies delegation-only
//  logic to all top level domains, and to the root domain.  An exception list
//  should be specified, including "MUSEUM" and "DE", and any other top level
//  domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

include "/etc/bind/named.conf.local";




 

named.conf.local:



Code:
zone "example.com" {
    type master;
    file "example.com";
    notify no;
};

zone "example1.com" {
    type master;
    file "example1.com";
    notify no;
};

zone "example2.com" {
    type master;
    file "example2.com";
    notify no;
};




 

example.com



Code:
@       IN      SOA     example.com.    root.example.com. (
                            2007032401
                            28800
                            86400    
                            2419200
                            604800 )

    IN      NS      ns1.example.com.
    IN      MX      10      mail.example.com.

ns1.example.com         IN      A       <IP of server>




 

example1.com



Code:
@       IN      SOA     www.example1.com.     root.example1.com. (
                            2007032001; Serial
                            604800    ; Refresh
                            86400        ; Retry
                            2419200; Expire
                            604800 )     ; Default TTL

    IN      NS      ns1.example.com.
    IN      MX      10      mail.example.com.

ns1.example.com         IN      A       <IP of server>




 

example2.com



Code:
@       IN      SOA     www.example2.com. root.example2.com. (
                            2007032001; Serial
                            604800    ; Refresh
                            86400        ; Retry
                            2419200; Expire
                            604800 )     ; Default TTL

    IN      NS      ns1.example.com.
    IN      MX      10      mail.example.com.

ns1.example.com         IN      A       <IP of server>




 

As you can see the dns server will be authoritative for all three domains. I am also going to be putting up a mail server in the near future and would like to serve mail for all three domains from the one server (mail.example.com). If there is anything wrong with these definitions, or if there is something that can be done better, please let me know. :)

Reply
#2
Ah .. sweet post ;)
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)