named
/etc/named.conf
options {
listen-on port 53 { any; };
listen-on-v6 { none; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
allow-transfer { localhost; 10.1.1.0/24; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
forwarders {
10.1.1.10;
8.8.8.8;
};
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named/ddns.key";
include "/etc/named.root.key";
include "/etc/named.rfc1912.zones";
zone "myhypervisor.ca" IN {
type master;
file "forward.ldap";
allow-update { key rndc-key; };
notify yes;
};
zone "1.1.10.in-addr.arpa" IN {
type master;
file "reverse.ldap";
allow-update { key rndc-key; };
notify yes;
};
zone "kvm.myhypervisor.ca" IN {
type master;
file "kvm.myhypervisor.ldap";
allow-update { none; };
};/var/named/forward.ldap
$ORIGIN .
$TTL 86400 ; 1 day
myhypervisor.ca IN SOA ldap1.myhypervisor.ca. root.myhypervisor.ca. (
2091071100 ; serial
3600 ; refresh (1 hour)
1800 ; retry (30 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS ldap1.myhypervisor.ca.
NS ldap2.myhypervisor.ca.
ldap1 A 10.1.1.13
ldap2 A 10.1.1.14
/var/named/reverse.ldap
$ORIGIN .
$TTL 86400 ; 1 day
1.1.10.in-addr.arpa IN SOA ldap1.myhypervisor.ca. root.myhypervisor.ca. (
2011071030 ; serial
3600 ; refresh (1 hour)
1800 ; retry (30 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS ldap1.myhypervisor.ca.
NS ldap2.myhypervisor.ca.
13 PTR ldap1.myhypervisor.ca.
14 PTR ldap2.myhypervisor.ca.
/var/named/kvm.myhypervisor.ldap
$TTL 86400
@ IN SOA ldap1.myhypervisor.ca. root.myhypervisor.ca. (
2007962501 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
; name servers - NS records
IN NS ldap1.myhypervisor.ca.
IN NS ldap2.myhypervisor.ca.
; name servers - A records
ldap1.myhypervisor.ca. IN A 10.1.1.13
ldap2.myhypervisor.ca. IN A 10.1.1.14
@ IN A 198.27.81.224
adding a zone (named.d)
zone "example.ca" IN {
type master;
file "example.ldap";
allow-update { none; };
};zone example
$TTL 86400
@ IN SOA ldap1.myhypervisor.ca. root.myhypervisor.ca. (
2007962501 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
; name servers - NS records
IN NS ldap1.myhypervisor.ca.
IN NS ldap2.myhypervisor.ca.
; name servers - A records
ldap1.myhypervisor.ca. IN A 10.1.1.13
ldap2.myhypervisor.ca. IN A 10.1.1.14
@ IN A 10.1.1.118
ddns.key
key rndc-key {
algorithm HMAC-MD5.SIG-ALG.REG.INT;
secret "z2qaFrjz5yE1pfyirfpWtQ==";
};