I am currently setting up a DNS server for several domains that I own and I would like some input from you all on my configuration options, etc. The domains have been replaced by example.com, example1.com and example2.com.
Okay, first my options file:
Code:
options {
        directory "/etc/bind";
        // NB: with this setting only the local host may query the zones served below
        allow-query { localhost; };
        allow-recursion { 127.0.0.1; };
        listen-on { <IP of Server>; };
        allow-transfer { none; };
        auth-nxdomain yes;
};
named.conf:
Code:
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

// From the release notes:
// Because many of our users are uncomfortable receiving undelegated answers
// from root or top level domains, other than a few for whom that behaviour
// has been trusted and expected for quite some length of time, we have now
// introduced the "root-delegations-only" feature which applies delegation-only
// logic to all top level domains, and to the root domain. An exception list
// should be specified, including "MUSEUM" and "DE", and any other top level
// domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

include "/etc/bind/named.conf.local";
named.conf.local:
Code:
zone "example.com" {
        type master;
        file "example.com";      // relative to the options "directory", i.e. /etc/bind/example.com
        notify no;
};

zone "example1.com" {
        type master;
        file "example1.com";
        notify no;
};

zone "example2.com" {
        type master;
        file "example2.com";
        notify no;
};
example.com:
Code:
$TTL    604800          ; default TTL for records that carry none (named warns and uses the SOA minimum if this is missing)
@       IN SOA  example.com. root.example.com. (
                2007032401      ; Serial
                28800           ; Refresh
                86400           ; Retry
                2419200         ; Expire
                604800 )        ; Negative cache TTL
@       IN NS   ns1.example.com.
@       IN MX   10 mail.example.com.
; absolute owner name: without the trailing dot named reads it as ns1.example.com.example.com.
ns1.example.com.        IN A    <IP of server>
; NB: mail.example.com has no A record yet, so the MX above does not resolve until one is added
example1.com:
Code:
$TTL    604800          ; default TTL for records that carry none (named warns and uses the SOA minimum if this is missing)
@       IN SOA  www.example1.com. root.example1.com. (
                2007032001      ; Serial
                604800          ; Refresh
                86400           ; Retry
                2419200         ; Expire
                604800 )        ; Negative cache TTL
@       IN NS   ns1.example.com.
@       IN MX   10 mail.example.com.
; ns1.example.com.      IN A    <IP of server>
; The line above is out-of-zone data for example1.com, which named ignores; without
; the trailing dot it would instead define ns1.example.com.example1.com. The address
; of ns1.example.com belongs in the example.com zone file.
example2.com:
Code:
$TTL    604800          ; default TTL for records that carry none (named warns and uses the SOA minimum if this is missing)
@       IN SOA  www.example2.com. root.example2.com. (
                2007032001      ; Serial
                604800          ; Refresh
                86400           ; Retry
                2419200         ; Expire
                604800 )        ; Negative cache TTL
@       IN NS   ns1.example.com.
@       IN MX   10 mail.example.com.
; ns1.example.com.      IN A    <IP of server>
; The line above is out-of-zone data for example2.com, which named ignores; without
; the trailing dot it would instead define ns1.example.com.example2.com. The address
; of ns1.example.com belongs in the example.com zone file.
As you can see, the DNS server will be authoritative for all three domains. I am also going to be putting up a mail server in the near future and would like to serve mail for all three domains from the one server (mail.example.com). If there is anything wrong with these definitions, or if there is something that can be done better, please let me know. :)
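A small zone-file linter, added here as an example (not part of the post or of BIND), that catches the classes of mistake visible in the zone files above: a name such as ns1.example.com written without its trailing dot (named reads it relative to the zone, as ns1.example.com.example.com.), a missing $TTL, out-of-zone records (which named ignores), and NS or MX targets inside the zone that have no A record (mail.example.com has none in any of the zones). The sample zone text and the 192.0.2.10 address are constructed for the demonstration.

```python
# Constructed sample (not the poster's file) modelled on the post's example.com zone.
SAMPLE_ZONE = """\
@ IN SOA example.com. root.example.com. (
    2007032401 28800 86400 2419200 604800 )  ; serial refresh retry expire minimum
    IN NS ns1.example.com.
    IN MX 10 mail.example.com.
ns1.example.com IN A 192.0.2.10
"""
RTYPES = {"SOA", "NS", "MX", "A", "AAAA", "CNAME", "TXT", "PTR", "SRV"}

def qualify(name, origin):
    """Resolve a name against $ORIGIN the way named does: only a trailing dot is absolute."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (has_ttl, records); a record is (raw_owner, owner, rtype, rdata tokens)."""
    has_ttl, records, owner, raw_owner, buf = False, [], origin, "@", ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()           # strip comments
        has_ttl |= line.startswith("$TTL")
        if not line.strip() or line.startswith("$"):    # blank, comment-only or directive
            continue
        if not buf:                                     # first line of a record
            inherit = raw[0].isspace()                  # blank owner = previous owner
        buf += " " + line
        if buf.count("(") > buf.count(")"):             # SOA continues on the next line
            continue
        tokens, buf = buf.replace("(", " ").replace(")", " ").split(), ""
        if not inherit:
            owner = qualify(raw_owner := tokens.pop(0), origin)
        while tokens and tokens[0] not in RTYPES:       # skip class and optional TTL
            tokens.pop(0)
        records.append((raw_owner, owner, tokens[0], tokens[1:]))
    return has_ttl, records

def lint_zone(text, origin):
    """Findings a reviewer would raise for one master zone (origin must be absolute)."""
    has_ttl, records = parse_zone(text, origin)
    findings = [] if has_ttl else ["no $TTL directive; named falls back to the SOA minimum"]
    addressed = {o for _, o, t, _ in records if t in ("A", "AAAA")}
    for raw_owner, owner, rtype, rdata in records:
        if "." in raw_owner and not raw_owner.endswith("."):
            findings.append(f"'{raw_owner}' lacks a trailing dot, so it is really {owner}")
        if owner != origin and not owner.endswith("." + origin):
            findings.append(f"{owner}: out-of-zone data, which named ignores")
        if rtype in ("NS", "MX"):
            target = qualify(rdata[-1], origin)
            if target.endswith("." + origin) and target not in addressed:
                findings.append(f"{rtype} target {target} has no A/AAAA record in this zone")
    return findings
```

Running `lint_zone(SAMPLE_ZONE, "example.com.")` reports four findings: the missing $TTL, the misplaced ns1 address record, and the NS and MX targets left without an address as a consequence.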