Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@server1:/etc/bind# named -v
- BIND 9.10.3-P4-Debian <id:ebd72b3>
- acl trusted {
- 127.0.0.1;
- xxx.xxx.xxx.43; # NS1
- xx.xx.xx.107; # NS2
- 81.169.148.38; # Strato DNS
- };
- options {
- directory "/var/cache/bind";
- // If there is a firewall between you and nameservers you want
- // to talk to, you may need to fix the firewall to allow multiple
- // ports to talk. See http://www.kb.cert.org/vuls/id/800113
- // If your ISP provided one or more IP addresses for stable
- // nameservers, you probably want to use them as forwarders.
- // Uncomment the following block, and insert the addresses replacing
- // the all-0's placeholder.
- // forwarders {
- // 0.0.0.0;
- // };
- //========================================================================
- // If BIND logs error messages about the root key being expired,
- // you will need to update your keys. See https://www.isc.org/bind-keys
- //========================================================================
- dnssec-validation auto;
- listen-on port 53 { any; };
- recursion no;
- allow-query { any; };
- auth-nxdomain no; # conform to RFC1035
- listen-on-v6 { any; };
- allow-notify { trusted; };
- allow-transfer { trusted; };
- };
- //
- // Do any local configuration here
- //
- // Consider adding the 1918 zones here, if they are not used in your
- // organization
- //include "/etc/bind/zones.rfc1918";
- zone "my-domain.com" {
- type master;
- file "/etc/bind/forward.my-domain.com";
- allow-transfer { xx.xx.xx.107; };
- };
- $TTL 604800
- @ IN SOA primary.my-domain.com. root.primary.my-domain.com. (
- 6 ; Serial
- 604820 ; Refresh
- 86600 ; Retry
- 2419600 ; Expire
- 604600 ) ; Negative Cache TTL
- ;Name Server Information
- @ IN NS primary.my-domain.com.
- @ IN NS secondary.my-domain.com.
- ;IP address of Your Domain Name Server(DNS)
- primary IN A xxx.xxx.xxx.43
- secondary IN A xx.xx.xx.107
- ;A Record for Host names
- @ IN A xxx.xxx.xxx.43
- www IN A xxx.xxx.xxx.43
- ;CNAME Record
- ftp IN CNAME www.my-domain.com.
- acl trusted {
- 127.0.0.1;
- xxx.xxx.xxx.43; # NS1
- xx.xx.xx.107; # NS2
- 81.169.148.38; # Strato DNS
- };
- options {
- directory "/var/cache/bind";
- // If there is a firewall between you and nameservers you want
- // to talk to, you may need to fix the firewall to allow multiple
- // ports to talk. See http://www.kb.cert.org/vuls/id/800113
- // If your ISP provided one or more IP addresses for stable
- // nameservers, you probably want to use them as forwarders.
- // Uncomment the following block, and insert the addresses replacing
- // the all-0's placeholder.
- // forwarders {
- // 0.0.0.0;
- // };
- //========================================================================
- // If BIND logs error messages about the root key being expired,
- // you will need to update your keys. See https://www.isc.org/bind-keys
- //========================================================================
- dnssec-validation auto;
- listen-on port 53 { any; };
- recursion no;
- allow-query { any; };
- auth-nxdomain no; # conform to RFC1035
- listen-on-v6 { any; };
- allow-notify { trusted; };
- allow-transfer { trusted; };
- };
- //
- // Do any local configuration here
- //
- // Consider adding the 1918 zones here, if they are not used in your
- // organization
- //include "/etc/bind/zones.rfc1918";
- zone "my-domain.com" {
- type slave;
- file "/etc/bind/forward.my-domain.com";
- masters { xxx.xxx.xxx.43; };
- };
- $TTL 604800
- @ IN SOA primary.my-domain.com. root.primary.my-domain.com. (
- 6 ; Serial
- 604820 ; Refresh
- 86600 ; Retry
- 2419600 ; Expire
- 604600 ) ; Negative Cache TTL
- ;Name Server Information
- @ IN NS primary.my-domain.com.
- @ IN NS secondary.my-domain.com.
- ;IP address of Your Domain Name Server(DNS)
- primary IN A xxx.xxx.xxx.43
- secondary IN A xx.xx.xx.107
- ;A Record for Host names
- @ IN A xxx.xxx.xxx.43
- www IN A xxx.xxx.xxx.43
- ;CNAME Record
- ftp IN CNAME www.my-domain.com.
- ~$ dig my-domain.com @xxx.xxx.xxx.43
- ; <<>> DiG 9.11.3-1ubuntu1.2-Ubuntu <<>> my-domain.com @xxx.xxx.xxx.43
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31536
- ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
- ;; WARNING: recursion requested but not available
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;my-domain.com. IN A
- ;; ANSWER SECTION:
- my-domain.com. 604800 IN A xxx.xxx.xxx.43
- ;; AUTHORITY SECTION:
- my-domain.com. 604800 IN NS secondary.my-domain.com.
- my-domain.com. 604800 IN NS primary.my-domain.com.
- ;; ADDITIONAL SECTION:
- primary.my-domain.com. 604800 IN A xxx.xxx.xxx.43
- secondary.my-domain.com. 604800 IN A xx.xx.xx.107
- ;; Query time: 16 msec
- ;; SERVER: xxx.xxx.xxx.43#53(xxx.xxx.xxx.43)
- ;; WHEN: Tue Oct 16 14:42:09 CEST 2018
- ;; MSG SIZE rcvd: 136
- ~$ nslookup my-domain.com xxx.xxx.xxx.43
- Server: xxx.xxx.xxx.43
- Address: xxx.xxx.xxx.43#53
- Name: my-domain.com
- Address: xxx.xxx.xxx.43
- ~$ dig my-domain.com
- ; <<>> DiG 9.11.3-1ubuntu1.2-Ubuntu <<>> my-domain.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7286
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 65494
- ;; QUESTION SECTION:
- ;my-domain.com. IN A
- ;; ANSWER SECTION:
- my-domain.com. 69 IN A 81.169.145.157
- ;; Query time: 0 msec
- ;; SERVER: 127.0.0.53#53(127.0.0.53)
- ;; WHEN: Tue Oct 16 14:44:23 CEST 2018
- ;; MSG SIZE rcvd: 58
- ~$ nslookup my-domain.com
- Server: 127.0.0.53
- Address: 127.0.0.53#53
- Non-authoritative answer:
- Name: my-domain.com
- Address: 81.169.145.157
- Name: my-domain.com
- Address: 2a01:238:20a:202:1157::
- $ dig +trace guzzijason.com. | grep -E 'INs*NS'
- . 509129 IN NS b.root-servers.net.
- . 509129 IN NS h.root-servers.net.
- . 509129 IN NS g.root-servers.net.
- . 509129 IN NS i.root-servers.net.
- . 509129 IN NS m.root-servers.net.
- . 509129 IN NS k.root-servers.net.
- . 509129 IN NS f.root-servers.net.
- . 509129 IN NS j.root-servers.net.
- . 509129 IN NS e.root-servers.net.
- . 509129 IN NS c.root-servers.net.
- . 509129 IN NS d.root-servers.net.
- . 509129 IN NS l.root-servers.net.
- . 509129 IN NS a.root-servers.net.
- com. 172800 IN NS a.gtld-servers.net.
- com. 172800 IN NS b.gtld-servers.net.
- com. 172800 IN NS c.gtld-servers.net.
- com. 172800 IN NS d.gtld-servers.net.
- com. 172800 IN NS e.gtld-servers.net.
- com. 172800 IN NS f.gtld-servers.net.
- com. 172800 IN NS g.gtld-servers.net.
- com. 172800 IN NS h.gtld-servers.net.
- com. 172800 IN NS i.gtld-servers.net.
- com. 172800 IN NS j.gtld-servers.net.
- com. 172800 IN NS k.gtld-servers.net.
- com. 172800 IN NS l.gtld-servers.net.
- com. 172800 IN NS m.gtld-servers.net.
- guzzijason.com. 172800 IN NS ns01.guzzijason.com. # Note: delegation NS record hosted by gtld-servers
- guzzijason.com. 172800 IN NS ns02.guzzijason.com. # Note: delegation NS record hosted by gtld-servers
- guzzijason.com. 7200 IN NS ns01.guzzijason.com. # authoritative NS record served by guzzijason.com nameservers
- guzzijason.com. 7200 IN NS ns02.guzzijason.com. # authoritative NS record served by guzzijason.com nameservers
Add Comment
Please, Sign In to add comment
