Named-11.conf

1. acl "xfer" {
2. /* Deny transfers by default except for the listed hosts.
3. * If we have other name servers, place them here.
4. */
5. none;
6. };
7.  
8. acl "localhost.local" { 127.0.0.0/8; };
9. acl "satt.10" { 192.168.10.0/24; };
10. acl "satt.11" { 192.168.11.0/24; };
11.  
12. options {
13. directory "/var/bind";
14. pid-file "/var/run/named/named-11.pid";
15.  
16. /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */
17. bindkeys-file "/etc/bind/bind.keys";
18.  
19. listen-on-v6 { none; };
20. listen-on { 127.0.0.2; 192.168.11.1; };
21.  
22. allow-query { localhost.local; satt.10; satt.11; };
23. allow-query-cache { localhost.local; satt.10; satt.11; };
24. allow-query-cache-on { localhost.local; satt.10; satt.11; };
25. allow-recursion { localhost.local; satt.10; satt.11; };
26.  
27. allow-transfer { none; };
28.  
29. allow-update { key DHCP_UPDATER; };
30.  
31. forwarders {
32. 192.168.10.254;
33. 8.8.4.4; // Google Open DNS
34. 8.8.8.8; // Google Open DNS
35. 4.2.2.1; // Level3 Public DNS
36. 4.2.2.2; // Level3 Public DNS
37. };
38. forward first;
39. dnssec-enable no;
40. dnssec-validation no;
41. dnssec-lookaside auto;
42. max-ncache-ttl 0;
43. hostname "satt11";
44. };
45.  
46.  
47. #include "/etc/bind/rndc.key";
48.  
49. key DHCP_UPDATER {
50. algorithm hmac-md5;
51. secret "rdJuK9q33GvCORLY7Xm4Sw==";
52. };
53.  
54. controls { inet 127.0.0.2 port 953 allow { 127.0.0.1/32; } keys { "DHCP_UPDATER"; }; };
55.  
56. zone "." in {
57. type hint;
58. file "/var/bind/named.cache";
59. };
60.  
61. zone "localhost" IN {
62. type master;
63. file "pri/localhost.zone";
64. };
65.  
66. zone "127.in-addr.arpa" IN {
67. type master;
68. file "pri/127.zone";
69. };
70.  
71. zone "satt11.local" IN {
72. type master;
73. file "dyn/network.11/satt11.local.zone";
74. allow-update { key DHCP_UPDATER; };
75. };
76.  
77. zone "11.168.192.in-addr.arpa" IN {
78. type master;
79. file "dyn/network.11/192.168.11.zone-rev";
80. allow-update { key DHCP_UPDATER; };
81. };
82.  
83. zone "satt.local" {
84. type forward;
85. forwarders { 192.168.10.254; };
86. };
87. zone "10.168.192.in-addr.arpa" IN {
88. type forward;
89. forwarders { 192.168.10.254; };
90. };
91.  
92. server 192.168.11.1 { keys { DHCP_UPDATER; }; };
93.  
94. logging {
95. channel log_default {
96. file "/var/log/named/network-11/named-default.log" versions 5 size 50m;
97. severity debug;
98. print-category yes;
99. print-severity yes;
100. print-time yes;
101. };
102.  
103. channel log_resolving {
104. file "/var/log/named/network-11/named-resolving.log" versions 5 size 50m;
105. severity info;
106. print-category yes;
107. print-severity yes;
108. print-time yes;
109. };
110.  
111. channel log_security {
112. file "/var/log/named/network-11/named-security.log" versions 5 size 10m;
113. severity info;
114. print-category yes;
115. print-severity yes;
116. print-time yes;
117. };
118.  
119. channel null { null; };
120.  
121. channel log_clients {
122. file "/var/log/named/network-11/named-clients.log" versions 5 size 50m;
123. severity info;
124. print-category yes;
125. print-severity yes;
126. print-time yes;
127. };
128.  
129. category lame-servers { null; null; };
130. category queries { log_clients; };
131. category client { log_default; };
132. category unmatched { log_clients; };
133. category security { log_security; };
134. category default { log_default; };
135. };