path: root/etc/dns/backup.conf
blob: 87a02a932517986f6cf11828f5399f707f2c1afd (plain)
/*
 * Refer to the named.conf(5) and named(8) man pages, and the documentation
 * in /usr/share/doc/bind-9 for more details.
 * Online versions of the documentation can be found here:
 * http://www.isc.org/software/bind/documentation
 *
 * If you are going to set up an authoritative server, make sure you
 * understand the hairy details of how DNS works. Even with simple mistakes,
 * you can break connectivity for affected parties, or cause huge amounts of
 * useless Internet traffic.
 */

// Hosts permitted to request zone transfers (referenced by allow-transfer in
// the options block): one IPv4 /24 and one IPv6 unique-local /64.
// NOTE(review): membership is decided by source address alone; no TSIG key is
// required anywhere in this file, so any host inside these ranges can pull
// complete zone contents. Consider key-based transfer authentication if these
// networks can contain untrusted hosts.
acl "xfer" {
	10.10.0.0/24;
	fdc7:602:e9c5:b8f0::/64;
};

// Clients allowed to query and to use the cache (allow-query and
// allow-query-cache in options) and the only clients matched into the
// "internal" view: IPv4/IPv6 loopback plus the local IPv4 and IPv6 networks.
// The IPv4 range here is a /16, wider than the /24 used by the "xfer" ACL.
acl "trusted" {
	127.0.0.0/8;
	::1/128;
	10.10.0.0/16;
	fdc7:602:e9c5:b8f0::/64;
};

// Global server options; the view and zones further down inherit these unless
// they override them.
options {
	// Working directory: the relative zone file names used in the zone
	// statements ("pri/...", "sec/...") are resolved against this path.
	directory "/var/bind";
	pid-file "/var/run/named/named.pid";

	/* https://www.isc.org/solutions/dlv */
	// NOTE(review): ISC has retired its DLV registry, so the link above is
	// historical. No dnssec-validation setting appears in this file; confirm
	// the effective validation behaviour for the installed BIND version.
	bindkeys-file "/etc/bind/bind.keys";

	// The server binds to every IPv4 and IPv6 address on the host. Who may
	// actually use it is decided only by the ACLs below, so pair this with a
	// host firewall if any interface faces an untrusted network.
	listen-on-v6 { any; };
	listen-on { any; };

	// Queries and cached answers are served to the "trusted" ACL only.
	allow-query {
		trusted;
	};

	allow-query-cache {
		trusted;
	};

	// Zone transfers out of this server are limited to the "xfer" ACL
	// (address-based only; no TSIG key is configured in this file).
	allow-transfer {
		xfer;
	};

/*
 * Forwarding is enabled below. If your upstream provider runs a DNS server,
 * you can list its IP address here instead to benefit from its cache and
 * reduce overall DNS traffic on the Internet.
 *
 * "forward first" sends queries to the forwarders first and falls back to
 * normal recursion if they do not answer.
 *
 * NOTE(review): names not served locally are sent to a third-party public
 * resolver, which therefore sees them. Check the zone statements to confirm
 * that internal-only names are always answered from local zones.
 */
	forward first;
	forwarders {
		8.8.8.8;		// Google Public DNS
		8.8.4.4;		// Google Public DNS
	};
};

// Logging: a single file channel that receives the "default" and "general"
// categories.
logging {
	// Rotating log file: rolls over at 50M and keeps 5 old versions. Each
	// line is prefixed with timestamp, severity and category, which makes the
	// file easier to filter during an investigation.
	channel default_log {
		file "/var/log/named/named.log" versions 5 size 50M;
		print-time yes;
		print-severity yes;
		print-category yes;
	};
	// "default" applies to every category without its own entry, so security
	// and zone-transfer messages end up in this same file. No dedicated
	// "queries" category is configured here, so per-query logging depends on
	// settings outside this block.
	category default { default_log; };
	category general { default_log; };
};

// Key material for the rndc control channel is kept in a separate file
// (presumably the definition of "rndc-key" used below; confirm). That file
// holds a shared secret and should be readable only by root and the named
// user.
include "/etc/bind/rndc.key";
// rndc control channel: listens on 127.0.0.1 port 953 and requires "rndc-key".
// NOTE(review): the listener is bound to IPv4 loopback only, so the
// 10.10.0.0/16 and IPv6 entries in the allow list cannot normally match. If
// remote rndc is not intended, trim the allow list to loopback so that a later
// change of the inet address does not silently expose control to the whole LAN.
controls {
	inet 127.0.0.1 port 953 allow { 127.0.0.0/8; 10.10.0.0/16; fdc7:602:e9c5:b8f0::0/64; ::1/128; } keys { "rndc-key"; };
};


// The only view in this file. It serves clients in the "trusted" ACL with
// recursion enabled; clients outside that ACL match no view here.
view "internal" in {
	match-clients { trusted; };
	recursion yes;

	// Root hints, used when this server recurses itself (for example when
	// the forwarders in options do not answer).
	zone "." in {
		type hint;
		file "/var/bind/root.cache";
	};

	// Locally mastered localhost zone; dynamic updates are disabled and no
	// NOTIFY messages are sent.
	zone "localhost" IN {
		type master;
		file "pri/localhost.zone";
		allow-update { none; };
		notify no;
	};

	// NOTE(review): this reverse zone loads the same file as the forward
	// "localhost" zone above. Verify that the file really contains the
	// records intended for 127.in-addr.arpa, or point it at a dedicated
	// reverse zone file.
	zone "127.in-addr.arpa" IN {
		type master;
		file "pri/localhost.zone";
		allow-update { none; };
		notify no;
	};

	// Secondary (slave) zones below are all transferred from the same primary,
	// reachable at 10.10.0.3 and fdc7:602:e9c5:b8f0::3.
	// NOTE(review): no TSIG key is attached to any masters list, so the
	// authenticity of incoming transfers rests on the primary's IP address
	// alone. Consider keyed transfers if that network is not fully trusted.
	zone "randomdan.homeip.net" IN {
		type slave;
		file "sec/randomdan.homeip.net.zone";
		masters { 10.10.0.3; fdc7:602:e9c5:b8f0::3; };
	};

	zone "random.lan" IN {
		type slave;
		file "sec/random.lan.zone";
		masters { 10.10.0.3; fdc7:602:e9c5:b8f0::3; };
	};

	// Reverse zone for 10.10.0.0/16.
	zone "10.10.in-addr.arpa" IN {
		type slave;
		file "sec/10.10.zone";
		masters { 10.10.0.3; fdc7:602:e9c5:b8f0::3; };
	};

	// Reverse zone for fdc7:602:e9c5:b8f0::/64 (nibble format).
	zone "0.f.8.b.5.c.9.e.2.0.6.0.7.c.d.f.ip6.arpa" IN {
		type slave;
		file "sec/fdc7:602:e9c5:b8f0.zone";
		masters { 10.10.0.3; fdc7:602:e9c5:b8f0::3; };
	};
};