-------------
// TSIG key named after the public-facing ("outside") DNS server.
// NOTE(review): hmac-md5 is a legacy TSIG algorithm. Where both ends of the
// transfer support it, prefer hmac-sha256 with a newly generated secret
// (e.g. from tsig-keygen); algorithm and secret must match on both peers.
// This file holds shared secrets, so it should not be world-readable.
key ns1.my-domain.net. {
    algorithm hmac-md5;
    secret "************************************************************";
};
// TSIG key named after the internal ("inside") DNS server; the "inside"
// view's allow-transfer lists reference it.
// NOTE(review): hmac-md5 is a legacy TSIG algorithm; prefer hmac-sha256 when
// the internal secondary supports it, changing both ends together.
key lnx-srv.my-domain.net. {
    algorithm hmac-md5;
    secret "************************************************************";
};
// TSIG key named after the ISP's public DNS server; zone transfers with the
// ISP are authenticated with this shared secret.
// NOTE(review): hmac-md5 is a legacy TSIG algorithm; agree on hmac-sha256
// with the ISP if their server supports it. Use a secret that is not shared
// with any other key in this file.
key ns.isp.com. {
    algorithm hmac-md5;
    secret "************************************************************";
};
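// IP address of the ISP's public DNS server.
server 203.115.0.1 {
    // Sign all requests to 203.115.0.1 with the ISP's TSIG key. The name
    // given here must match a key statement in this file: the listing
    // defines "ns.isp.com." for the ISP, and the name used previously had no
    // matching key statement, so the reference could not be resolved.
    keys { ns.isp.com.; };
};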
options {
    // Working directory; relative file names in zone statements are
    // resolved against it.
    directory "/var/named";

    pid-file "/var/run/named/named.pid";

    // Uncomment to replace the version string the server reports.
    // version " sorry folks :)";

    // If a firewall sits between this server and the nameservers it
    // queries, the query-source directive below can pin outgoing queries to
    // port 53. Previous versions of BIND always asked questions using
    // port 53, but BIND 8.1 uses an unprivileged port by default.
    // NOTE(review): pinning the source port removes source-port
    // randomisation, which makes off-path cache poisoning of the recursive
    // "inside" view easier. Prefer a firewall rule that admits replies to
    // outgoing queries and leave this commented out.
    // query-source address * port 53;
};
// Address ranges treated as internal clients; the "inside" view matches on
// this list and enables recursion for it, so keep it limited to networks
// that are actually yours.
acl "inside" {
    127/8;
    10.0.18/24;
    192.168.1/24;
};

// Pulls in the "slaves" acl used by the allow-transfer lists of the
// "outside" view.
include "slaves.conf";
//
// named.boot This file sets up the NAMED network name server program
//
// This tells the server where to find its files.
// We always want to serve the LOCALHOST, right?
// View served to clients matching the "inside" acl. Views are tried in the
// order they appear, so this one must stay ahead of the catch-all "outside"
// view.
view "inside" {
    match-clients { "inside"; };
    recursion yes;

    // Reverse zone for the loopback network.
    zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
    };

    // Internal version of the forward zone.
    // NOTE(review): each allow-transfer list below accepts either the TSIG
    // key or the bare address 10.0.18.66. The address entry lets that host
    // transfer without presenting the key, so the effective protection for
    // it is address-based only; drop it once the secondary supports TSIG.
    zone "my-domain.net" {
        type master;
        file "primary/my-domain.net.hosts.inside";
        allow-transfer {
            key lnx-srv.my-domain.net.;   // key access
            10.0.18.66;                   // ip access, for older bind versions
        };
    };

    // Reverse zone for 10.0.18/24.
    zone "18.0.10.in-addr.arpa" {
        type master;
        file "primary/10.0.18.rev";
        allow-transfer {
            key lnx-srv.my-domain.net.;
            10.0.18.66;
        };
    };

    // Reverse zone for 192.168.1/24.
    zone "1.168.192.in-addr.arpa" {
        type master;
        file "primary/192.168.1.rev";
        allow-transfer {
            key lnx-srv.my-domain.net.;
            10.0.18.66;
        };
    };

    // Root hints, needed because this view recurses.
    zone "." {
        type hint;
        file "named.cache";
    };
};
// View served to every client that did not match an earlier view.
// Recursion is off, so outside clients only get answers for the zones
// defined here and the server cannot be used by them as an open resolver.
view "outside" {
    match-clients { any; };
    recursion no;

    // Public version of the forward zone; transfers are limited to the
    // "slaves" acl from slaves.conf.
    zone "my-domain.net" {
        type master;
        file "primary/my-domain.net.hosts.outside";
        allow-transfer { "slaves"; };
    };

    zone "my-domain.org" {
        type master;
        file "primary/my-domain.org.hosts.outside";
        allow-transfer { "slaves"; };
    };

    // Root hints.
    zone "." {
        type hint;
        file "named.cache";
    };
};
named.cache
; Root hints: the NS records for the root zone and the A record of each
; root name server. The "." hint zones in named.conf load this file.
; NOTE(review): this copy is dated Jan 29, 2004 (see "last update" below).
; Root server addresses have been renumbered since then, so do not deploy
; this copy as-is; fetch the current file from InterNIC over a trusted
; channel and refresh it periodically.
;
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/db.cache
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: Jan 29, 2004
; related version of root zone: 2004012900
;
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; operated by VeriSign, Inc.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
;
; operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; operated by ICANN
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File
slaves.conf
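//
// Hosts allowed to transfer the zones of the "outside" view.
//
// To allow a machine to become a slave server of ns.isp.net, add an acl
// entry below. Older bind implementations like bind 4 and sometimes bind 8
// need to have their ip-number listed below. Newer DNS servers which support
// MD5 TSIG keys, like bind 9 and windows 2000 DNS, just add the key to their
// own configuration.
//
// The key entry must name a key statement from named.conf. The listing
// defines "ns.isp.com." for the ISP; the name used here previously had no
// matching key statement.
//
// NOTE(review): every address entry grants zone transfer to whoever holds
// that address, with no key required. Registry and TLD servers do not need
// to transfer your zones, and 193.176.144/24 admits a whole network; trim
// this list to the secondaries that actually serve the zones and prefer
// key entries over addresses.
//
acl "slaves" {
    key ns.isp.com.;
    195.133.252.4;      // NS.ISP.NET.
    195.133.252.5;      // NS2.ISP.NET.

    // .NL
    193.176.144.130;    // NS2.DOMAIN-REGISTRY.nl.
    193.176.144/24;     // DOMAIN-REGISTRY.nl. class C
    198.6.1.82;         // AUTH02.NS.UU.NET.
    192.93.0.4;         // NS2.NIC.FR.
    192.16.202.11;      // NS.EU.NET.
    193.176.144.2;      // NS.DOMAIN-REGISTRY.nl.
    192.36.125.2;       // SUNIC.SUNET.SE.

    // .BE
    198.6.1.82;         // AUTH02.NS.UU.NET.
    192.16.202.11;      // NS.EU.NET.
    193.190.198.10;     // NS.BELNET.be.
    193.190.198.2;      // NS.BELNET.be.
    134.58.40.4;        // DNS.CS.KULEUVEN.AC.be.
    193.74.208.139;     // SECDNS.EUNET.be.
    192.36.125.2;       // SUNIC.SUNET.SE.
    194.7.171.243;      // MASTER.DNS.be.

    // .COM .NET .ORG
    192.42.93.30;       // G.GTLD-SERVERS.net.
    192.54.112.30;      // H.GTLD-SERVERS.net.
    192.26.92.30;       // C.GTLD-SERVERS.net.
    192.36.144.133;     // I.GTLD-SERVERS.net.
    192.33.14.30;       // B.GTLD-SERVERS.net.
    192.31.80.30;       // D.GTLD-SERVERS.net.
    192.41.162.30;      // L.GTLD-SERVERS.net.
    192.35.51.30;       // F.GTLD-SERVERS.net.
    210.132.100.101;    // J.GTLD-SERVERS.net.
    213.177.194.5;      // K.GTLD-SERVERS.net.
    192.12.94.30;       // E.GTLD-SERVERS.net.
    202.153.114.101;    // M.GTLD-SERVERS.net.
    192.5.6.30;         // A.GTLD-SERVERS.net.

    // .BIZ
    213.86.51.129;      // D.GTLD.biz.
    209.173.53.162;     // A.GTLD.biz.
    209.173.57.162;     // B.GTLD.biz.
    209.173.60.65;      // C.GTLD.biz.
};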
That's about it. You do need to change named.conf and the other files to suit your own setup;
this is just to give you an idea.
