Bind

De ClissXXI.

Version du 15 juin 2007 à 10:18 par SylvainBeucler (discuter | contributions)
(diff) ← Version précédente | Voir la version courante (diff) | Version suivante → (diff)

[modifier] Configuration

À partir de la configuration par défaut dans Debian (TODO: le faire à partir de la configuration par défaut tout court).

/etc/bind/named.conf.options:

// Secondary name servers
// Needs to be outside the options block
acl acl_transfer {
        193.251.53.202; //ns2.mydomain.org
        212.27.32.132; //ns.ovh.net
        213.251.188.140; //sdns1.ovh.net
        217.70.177.40; //ns6.gandi.net
        localhost;
};

and in the options block:

        // Deny queries on domain we don't own; we then allow queries
        // per zone in named.conf.local
        // "localhost" means "all my local IPs"
        allow-query { localhost; };
        allow-recursion { localhost; };
        allow-transfer { acl_transfer; };
        notify yes; // default

/etc/bind/named.conf.local: describe your domains:

zone "mydomain.org" {
        type master;
        file "/etc/bind/master/mydomain.org";
        allow-query { any; };
};

A sample zone file:

$TTL    3600       ; non-slaves refresh after 1 hour (e.g.: ISPs)
@       IN      SOA ns1.mydomain.org. sysadmin.mycompany.com. (
        2007061509 ; serial (YYMMDDxx)
        3600       ; slaves refresh after 1 hour
        3600       ; slaves retry after 1 hour on failure
        1209600    ; slaves expire after 2 weeks
        3600       ; minimum negative cache TTL of 1 hour
)
        NS      ns1.mydomain.org.
        NS      ns2.mydomain.org.

        MX      10 mx1.mails.net.
        MX      20 mx2.mails.net.

        A       187.98.124.62

www     CNAME   @

test    A       1.1.1.1
dyndns  60      A       9.9.9.9 ; refresh every 60 secs.

[modifier] Liens