magikman

BIND9 Configuration Guidance


I am currently setting up a DNS server for several domains that I own and I would like some input from you all on my configuration options, etc. The domains have been replaced by example.com, example1.com and example2.com.


Okay, first my options file:

options {
	directory "/etc/bind";
	allow-query { localhost; };		// only the local host may query at all; this also blocks
						// outside resolvers from reaching the authoritative zones below
	allow-recursion { 127.0.0.1; };		// recursion only for the local host (not an open resolver)
	listen-on { <IP of Server>; };
	allow-transfer { none; };		// no zone transfers (AXFR/IXFR) to anyone
	auth-nxdomain yes;
};


named.conf:

// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
	type hint;
	file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
	type master;
	file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
	type master;
	file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
	type master;
	file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
	type master;
	file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

// From the release notes:
//  Because many of our users are uncomfortable receiving undelegated answers
//  from root or top level domains, other than a few for whom that behaviour
//  has been trusted and expected for quite some length of time, we have now
//  introduced the "root-delegations-only" feature which applies delegation-only
//  logic to all top level domains, and to the root domain.  An exception list
//  should be specified, including "MUSEUM" and "DE", and any other top level
//  domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

include "/etc/bind/named.conf.local";


named.conf.local:

zone "example.com" {
	type master;
	file "example.com";
	notify no;
};

zone "example1.com" {
	type master;
	file "example1.com";
	notify no;
};

zone "example2.com" {
	type master;
	file "example2.com";
	notify no;
};


example.com

$TTL	604800			; default TTL for records that carry none (same value as the SOA minimum below)
@	IN	SOA	ns1.example.com. root.example.com. (	; MNAME is the primary name server, RNAME is root@example.com
				2007032401	; Serial
				28800		; Refresh
				86400		; Retry
				2419200		; Expire
				604800 )	; Negative cache TTL

	IN	NS	ns1.example.com.
	IN	MX	10	mail.example.com.

; Trailing dots matter: without one BIND appends the origin, so "ns1.example.com" would be
; loaded as ns1.example.com.example.com.
ns1.example.com.	IN	A	<IP of server>
mail.example.com.	IN	A	<IP of mail server>	; the MX target needs an address record


example1.com

$TTL	604800			; default TTL for records that carry none
@	IN	SOA	ns1.example.com. root.example1.com. (	; MNAME is the primary name server, not the web host
				2007032001	; Serial
				604800		; Refresh
				86400		; Retry
				2419200		; Expire
				604800 )	; Negative cache TTL

	IN	NS	ns1.example.com.
	IN	MX	10	mail.example.com.

; ns1.example.com. is outside this zone, so BIND ignores this record ("out-of-zone data") when
; loading example1.com; its address belongs in the example.com zone. Without the trailing dot
; it would instead be loaded as ns1.example.com.example1.com.
ns1.example.com.	IN	A	<IP of server>


example2.com

$TTL	604800			; default TTL for records that carry none
@	IN	SOA	ns1.example.com. root.example2.com. (	; MNAME is the primary name server, not the web host
				2007032001	; Serial
				604800		; Refresh
				86400		; Retry
				2419200		; Expire
				604800 )	; Negative cache TTL

	IN	NS	ns1.example.com.
	IN	MX	10	mail.example.com.

; As in example1.com: out-of-zone data that BIND ignores; the address lives in the example.com zone.
ns1.example.com.	IN	A	<IP of server>


As you can see the DNS server will be authoritative for all three domains. I am also going to be putting up a mail server in the near future and would like to serve mail for all three domains from the one server (mail.example.com). If there is anything wrong with these definitions, or if there is something that can be done better, please let me know. :)

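A small zone-file linter, added here as an example (it is not part of the post and not a BIND tool), that flags the three things a reviewer would check first in zones like the ones posted: an owner name without a trailing dot that silently gets the origin appended (or, fully qualified, falls outside the zone and is ignored), an SOA MNAME that is not one of the zone's NS names, and an NS or MX target inside the zone that has no address record. It runs over a constructed copy of the posted example.com zone; the 192.0.2.x addresses are RFC 5737 documentation addresses standing in for "<IP of server>".

```python
def fqdn(name, origin):
    """Absolute name as BIND reads it: '@' is the origin; no trailing dot means the origin gets appended."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples; handles ';' comments, '( )' continuation and a blank owner column."""
    records, owner, buf, inherits = [], origin, [], False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() or line.startswith("$"):   # blank, comment-only, or a $TTL/$ORIGIN directive
            continue
        if not buf:
            inherits = line[0].isspace()               # blank owner column repeats the previous owner
        buf.append(line)
        joined = " ".join(buf)
        if joined.count("(") > joined.count(")"):      # SOA spread over several lines
            continue
        tokens, buf = joined.replace("(", " ").replace(")", " ").split(), []
        if not inherits:
            owner = fqdn(tokens.pop(0), origin)
        if tokens[0] == "IN":                           # class column (these zones carry no TTL column)
            tokens.pop(0)
        records.append((owner, tokens[0], tokens[1:]))
    return records

def lint(text, origin):
    """Findings: out-of-zone owners, SOA MNAME that is not an NS, in-zone NS/MX targets without an A/AAAA."""
    recs, findings = parse_zone(text, origin), []
    in_zone = lambda n: n == origin or n.endswith("." + origin)
    ns = {fqdn(r[2][0], origin) for r in recs if r[1] == "NS"}
    addr = {r[0] for r in recs if r[1] in ("A", "AAAA")}
    for owner, rtype, rdata in recs:
        if not in_zone(owner):
            findings.append(f"{rtype} {owner}: out-of-zone owner, BIND ignores this record")
        if rtype == "SOA" and fqdn(rdata[0], origin) not in ns:
            findings.append(f"SOA MNAME {rdata[0]} is not one of the zone's NS names")
        if rtype in ("NS", "MX"):
            target = fqdn(rdata[-1], origin)
            if in_zone(target) and target not in addr:
                findings.append(f"{rtype} target {target} is in this zone but has no A/AAAA record")
    return findings

POSTED_EXAMPLE_COM = """\
@   IN  SOA example.com. root.example.com. ( 2007032401 28800 86400 2419200 604800 )  ; constructed copy of the posted zone
    IN  NS  ns1.example.com.
    IN  MX  10  mail.example.com.
ns1.example.com   IN  A   192.0.2.53   ; constructed test address; no trailing dot, so read as ns1.example.com.example.com.
"""

print("\n".join(lint(POSTED_EXAMPLE_COM, "example.com.")))
```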

Ah .. sweet post ;)
