...

Code Block
titleInstall package
apt-get install service-network-dns-bindinstall bind9


Code Block
titleCreate directory for PID file
mkdir -p /var/named
chown -R namedbind:namedbind /var/named

Create your own '/etc/bind/named.conf' (see examples below)

Code Block
titleStart DNS server
sudo svcadm enable dns/serverbind9


Code Block
titleCheck service status
svcs -xv

 

...



Code Block
titleExample /etc/bind/named/.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the

// structure of BIND configuration files in Debian, *BEFORE* you customize

// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";


Code Block
titleExample /etc/bind/named.conf.options
options {
        directory "/var/cache/bind";
        pid-file "/var/named/named.pid";
        query-source address * port 53;

                // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
         // nameservers, you probably want to use them as forwarders.  
        // Uncomment the following block, and insert the addresses replacing
         // the all-0's placeholder.

        // forwarders {
        //      0.0.0.0;
        // };
            forwarders {
                10.50.0.2    8.8.8.8;
        };

      10.2.208.10;
   //========================================================================
      };  // If BIND logs error messages about empty-zones-enable yes;
  the root key being expired,
     auth-nxdomain no;  // you #will conformneed to RFC1035 update your keys.  See https://www.isc.org/bind-keys
        // listen-on-v6 { any; };========================================================================
//      dnssec-validation auto;

        listen-on port 53 { any; };auth-nxdomain no;    # conform to RFC1035
        allowlisten-on-queryv6 { anynone; };
        allowlisten-transferon { "none"any; };
};
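Review bot: `query-source address * port 53;` pins every outgoing query to a single source port, which removes the source-port randomisation that the advisory linked two lines below it (VU#800113) treats as the cache-poisoning mitigation. I would delete that line and, if a firewall is the reason for it, fix the firewall rule as the existing comment suggests. The old and new text are fused in this rendering, so the rest is hedged: the new side appears to end with `listen-on { any; };` while `allow-transfer { "none"; };` and `allow-query` fall on the removed side, and `dnssec-validation auto;` stays commented out. If that reading is right, keep `allow-transfer { "none"; };` in the options block and re-enable `dnssec-validation auto;` so that answers from the forwarders are validated.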


Code Block
titleExample /etc/bind/named.conf.local
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization

view "internal" {
    match-clients
{ 172.16.0.0/16; }; // local clients
    include "/etc/bind/zones.rfc1918";
    include "/etc/bind/named.internal";
    include "/etc/bind/named.external";
};


view "external" {
    match-clients { "any"; }; // must be in the last clause
    include "/etc/bind/named.external";
};


//view "default" {
//  zone "example.com" {
//    type master;
// zone file will return www.example.com with default (worldwide) IP
//    file "view/master.example.com.default";
//  };
//};
logging {
    category lame-servers {null; };
};
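Review bot: The `external` view matches `"any"` client but sets no recursion policy, so whether outside clients can recurse through the configured forwarders depends on BIND's built-in defaults and on the options file. I would make it explicit by adding `recursion no;` as the first statement inside `view "external" { … }`, and leave recursion to the `internal` view, which is already limited to `172.16.0.0/16`. Separately, `category lame-servers { null; };` discards those messages entirely; a comment such as `// lame-server notices dropped on purpose to reduce log noise` would record that this is deliberate.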