named
/etc/named.conf
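options {
	# Listen on every IPv4 address, port 53.
	listen-on port 53 { any; };
	# IPv6 is not used on this host, so no v6 listener.
	listen-on-v6 { none; };
	directory "/var/named";
	dump-file "/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";

	# Who may query this server. The list previously ended in "any;",
	# which made the entries before it meaningless and, combined with
	# "recursion yes;" below, turned the host into an open recursive
	# resolver (exposed to cache-poisoning attempts and usable for
	# reflection/amplification). Only loopback and the internal
	# network need answers from here.
	allow-query { localhost; 10.1.1.0/24; };
	# Zone transfers are only needed by the secondary. ldap2 (10.1.1.14)
	# is the second NS in the zone files; list further secondaries
	# explicitly instead of reopening this to the whole /24.
	allow-transfer { localhost; 10.1.1.14; };
	# Recursion for the internal clients permitted above.
	recursion yes;
	# "dnssec-enable yes;" was dropped: it is the default on releases
	# that still accept the option, and current releases reject it.
	# Validation uses the trust anchors from /etc/named.root.key
	# (included below); "dnssec-validation auto;" would use the
	# built-in root key instead.
	dnssec-validation yes;
	# "dnssec-lookaside auto;" and the ISC DLV bindkeys-file were
	# removed: the DLV registry has been retired and current BIND
	# rejects the option.
	managed-keys-directory "/var/named/dynamic";
	pid-file "/run/named/named.pid";
	session-keyfile "/run/named/session.key";
	# Upstream resolvers for everything this server is not
	# authoritative for.
	forwarders {
		10.1.1.10;
		8.8.8.8;
	};
};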
logging {
	# Debug channel; the file path is relative to the "directory"
	# option, i.e. /var/named/data/named.run. "dynamic" ties the
	# verbosity to named's current debug level.
	channel default_debug {
		file "data/named.run";
		severity dynamic;
	};
};
zone "." IN {
	# Root hints used to prime recursion.
	type hint;
	file "named.ca";
};
# TSIG key material for dynamic updates (presumably where the
# "rndc-key" referenced by the zones below is defined - confirm).
include "/etc/named/ddns.key";
# Root trust anchor(s) used for DNSSEC validation.
include "/etc/named.root.key";
# Distribution-provided localhost and loopback reverse zones.
include "/etc/named.rfc1912.zones";
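zone "myhypervisor.ca" IN {
	type master;
	# Relative to the "directory" option: /var/named/forward.ldap
	file "forward.ldap";
	# Dynamic updates must be TSIG-signed with rndc-key. The previous
	# list was "{ none; key rndc-key; }": BIND evaluates address
	# entries before key entries and "none" (= !any) matches every
	# client negatively, so every update, signed or not, was refused.
	# If rndc-key is also the rndc control-channel secret, a dedicated
	# update key would keep zone-update rights separate from it.
	allow-update { key rndc-key; };
	notify yes;
};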
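zone "1.1.10.in-addr.arpa" IN {
	type master;
	# Relative to the "directory" option: /var/named/reverse.ldap
	file "reverse.ldap";
	# Same fix as the forward zone: "{ none; key rndc-key; }" denied
	# every update because the negative "none" address entry is
	# matched before the key entry is ever considered. Signed updates
	# with rndc-key are what is intended here.
	allow-update { key rndc-key; };
	notify yes;
};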
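# The second copies of 'include "/etc/named.rfc1912.zones";' and
# 'include "/etc/named.root.key";' were removed: both files are already
# included above, and loading named.rfc1912.zones twice defines each of
# its zones twice, which named-checkconf rejects.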
/var/named/forward.ldap
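; Forward zone for myhypervisor.ca.
; The origin was previously "$ORIGIN ." (the root): every relative name
; below ("@", "ldap1", ...) then became a root-level name, named dropped
; them as out-of-zone data, and the zone had no NS records at its apex.
$ORIGIN myhypervisor.ca.
; Stray "@" removed from the $TTL line; only a comment may follow the value.
$TTL 86400 ; 1 day
@ IN SOA ldap1.myhypervisor.ca. root.myhypervisor.ca. (
	2011071001 ; Serial  - example value (YYYYMMDDnn); a serial must fit in 32 bits,
	           ;           the previous 20-digit value was rejected as out of range
	3600       ; Refresh (1 hour)
	1800       ; Retry   (30 minutes)
	604800     ; Expire  (1 week)
	86400      ; Minimum / negative-caching TTL (1 day)
	)
; Each record is one line unless parenthesised; "@ IN" / "NS ..." were split.
@ IN NS ldap1.myhypervisor.ca.
@ IN NS ldap2.myhypervisor.ca.
@ IN A 10.1.1.13
@ IN A 10.1.1.14
ldap1 IN A 10.1.1.13
ldap2 IN A 10.1.1.14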
/var/named/reverse.ldap
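; Reverse zone for 10.1.1.0/24.
; The origin was previously "$ORIGIN ." (the root), which made "@", "13"
; and "14" root-level names that named discarded as out-of-zone data.
$ORIGIN 1.1.10.in-addr.arpa.
; Stray "@" removed from the $TTL line; only a comment may follow the value.
$TTL 86400 ; 1 day
@ IN SOA ldap1.myhypervisor.ca. root.myhypervisor.ca. (
	2011071001 ; Serial  - example value (YYYYMMDDnn); a serial must fit in 32 bits,
	           ;           the previous 20-digit value was rejected as out of range
	3600       ; Refresh (1 hour)
	1800       ; Retry   (30 minutes)
	604800     ; Expire  (1 week)
	86400      ; Minimum / negative-caching TTL (1 day)
	)
; Each record is one line unless parenthesised; "@ IN" / "NS ..." were split.
@ IN NS ldap1.myhypervisor.ca.
@ IN NS ldap2.myhypervisor.ca.
@ IN PTR myhypervisor.ca.
; The "ldap1 IN A" / "ldap2 IN A" lines were dropped: address records for
; the name servers belong in the forward zone (forward.ldap), not here.
13 IN PTR ldap1.myhypervisor.ca.
14 IN PTR ldap2.myhypervisor.ca.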
adding a zone (named.d)
zone "example.ca" IN {
	type master;
	# Relative to the "directory" option: /var/named/example.ldap
	file "example.ldap";
	# Static zone; no dynamic updates are accepted.
	allow-update { none; };
};
Zone file example.ldap (for example.ca)
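$TTL 86400
; No $ORIGIN here: the origin is the zone name from the named.conf
; zone statement (example.ca).
@ IN SOA ldap1.myhypervisor.ca. root.myhypervisor.ca. (
	2007962501 ; serial
	21600      ; refresh after 6 hours
	3600       ; retry after 1 hour
	604800     ; expire after 1 week
	86400 )    ; minimum TTL of 1 day
; name servers - NS records (blank owner = the apex, inherited from the SOA line)
	IN NS ldap1.myhypervisor.ca.
	IN NS ldap2.myhypervisor.ca.
; The "ldap1.myhypervisor.ca. IN A" / "ldap2.myhypervisor.ca. IN A" lines
; were removed: they are out-of-zone data for example.ca and named ignores
; them; the name servers' addresses live in the myhypervisor.ca zone.
@ IN A 10.1.1.118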