  1. Nov 15 04:21:01 mydnshostname00 named[1057]: client xxx.yyy.zzz.111#51843 (mydbhostname.example.local.example.local): query 'mydbhostname.example.local.example.local/A/IN' **denied**
  2. Nov 15 04:21:01 mydnshostname00 named[1057]: client xxx.yyy.zzz.111#51843 (mydbhostname.example.local.example.local): query 'mydbhostname.example.local.example.local/AAAA/IN' **denied**
  3. Nov 15 04:24:11 mydnshostname00 named[1057]: client xxx.yyy.zzz.111#44369 (22.zzz.yyy.xxx.in-addr.arpa): query '22.zzz.yyy.xxx.in-addr.arpa/PTR/IN' **denied**
  4. .
  5. .
  6. .
  7. Nov 15 04:36:31 mydnshostname00 named[1057]: client xxx.yyy.zzz.122#26059 (example.local): query 'example.local/SOA/IN' **denied**
  8.  
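  // Global options for named. listen-on names xxx.yyy.zzz.121, the address the
  // zone data assigns to MasterDNSDomain, so this appears to be the master's copy.
  options {
      listen-on port 53 { 127.0.0.1; xxx.yyy.zzz.121; };
      listen-on-v6 port 53 { ::1; };
      directory "/var/named";
      dump-file "/var/named/data/cache_dump.db";
      statistics-file "/var/named/data/named_stats.txt";
      memstatistics-file "/var/named/data/named_mem_stats.txt";

      // Was xxx.yyy.zzz.0/30. A /30 matches only four addresses (.0 to .3),
      // while every host in the zone data sits between .111 and .122, so all
      // of them were refused. That matches the "denied" log lines, including
      // the SOA query from .122, the address the zone data gives the slave.
      // Use the prefix that really contains the clients, and keep it as
      // narrow as the addressing plan allows.
      allow-query { localhost; xxx.yyy.zzz.0/24; };

      // Zone transfers stay limited to this host and the slave at .122.
      allow-transfer { localhost; xxx.yyy.zzz.122; };

      // No allow-recursion is set, so who may recurse follows from the query
      // ACL above. Keep that ACL limited to internal clients so the server
      // does not become an open resolver.
      recursion yes;

      dnssec-enable yes;
      dnssec-validation yes;
      // NOTE(review): ISC has retired the DLV registry this option relies on.
      // Confirm the installed BIND still accepts it, and review whether this
      // line and the DLV key file below are still wanted.
      dnssec-lookaside auto;

      /* Path to ISC DLV key */
      bindkeys-file "/etc/named.iscdlv.key";

      managed-keys-directory "/var/named/dynamic";

      pid-file "/run/named/named.pid";
      session-keyfile "/run/named/session.key";
  };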
  33.  
  // Debug output channel. The file path is relative, so named resolves it
  // against the "directory" option (/var/named in the options block).
  logging {
      channel default_debug {
          file "data/named.run";
          // "dynamic" follows the server's current debug level rather than
          // a fixed severity.
          severity dynamic;
      };
  };
  40.  
  // Root hints used for recursive resolution.
  zone "." IN {
      type hint;
      file "named.ca";
  };

  // Authoritative forward zone, served from a local file.
  zone "example.local" IN {
      type master;
      file "forward.example";
      // Dynamic updates are refused; records change only by editing the file.
      allow-update { none; };
  };

  // Matching reverse (PTR) zone for the same network.
  zone "zzz.yyy.xxx.in-addr.arpa" IN {
      type master;
      file "reverse.example";
      allow-update { none; };
  };

  // Neither master zone sets its own allow-query or allow-transfer, so the
  // ACLs from the options block apply to both.
  include "/etc/named.rfc1912.zones";
  include "/etc/named.root.key";
  57.  
  ; Forward zone data (A and CNAME records), presumably the "forward.example"
  ; file named by the example.local zone statement.
  ; Owner names below start in column 0 on purpose: a record line that begins
  ; with whitespace inherits the previous owner name.
$TTL 86400
@                 IN  SOA    MasterDNSDomain.example.local. root.example.local. (
                             2011071001  ; Serial: raise it on every edit, or the
                                         ; slave will not pick up the change
                             3600        ; Refresh
                             1800        ; Retry
                             604800      ; Expire
                             86400       ; Minimum TTL
                             )

; Name servers for the zone.
@                 IN  NS     MasterDNSDomain.example.local.
@                 IN  NS     SlaveDNSDomain.example.local.

; Address of the zone apex. Only .113 is active; the rest are commented out.
;@ IN A xxx.yyy.zzz.121
;@ IN A xxx.yyy.zzz.122
;@ IN A xxx.yyy.zzz.120
;@ IN A xxx.yyy.zzz.111
;@ IN A xxx.yyy.zzz.112
@                 IN  A      xxx.yyy.zzz.113

; Host addresses. None of these fall inside xxx.yyy.zzz.0/30.
MasterDNSDomain   IN  A      xxx.yyy.zzz.121
SlaveDNSDomain    IN  A      xxx.yyy.zzz.122
ClientServerco01  IN  A      xxx.yyy.zzz.120
mydbhostname      IN  A      xxx.yyy.zzz.111
ClientServercr02  IN  A      xxx.yyy.zzz.112
ClientServerwb03  IN  A      xxx.yyy.zzz.113

; The target is relative, so it expands to ClientServerwb03.<zone origin>.
www               IN  CNAME  ClientServerwb03
  84.  
  ; Reverse zone data (PTR records), presumably the "reverse.example" file
  ; named by the zzz.yyy.xxx.in-addr.arpa zone statement.
  ; Owner names below start in column 0 on purpose: a record line that begins
  ; with whitespace inherits the previous owner name.
$TTL 86400
@                 IN  SOA    MasterDNSDomain.example.local. root.example.local. (
                             2011071001  ; Serial: raise it on every edit, or the
                                         ; slave will not pick up the change
                             3600        ; Refresh
                             1800        ; Retry
                             604800      ; Expire
                             86400       ; Minimum TTL
                             )

; Name servers for the zone.
@                 IN  NS     MasterDNSDomain.example.local.
@                 IN  NS     SlaveDNSDomain.example.local.

; .113 also maps back to the bare domain. It has a second PTR further down,
; so a reverse lookup of .113 returns both names.
113               IN  PTR    example.local.

; NOTE(review): these owner names are relative, so inside this zone they
; expand under the reverse origin, not under example.local. They do not
; stand in for the forward zone's A records. Confirm they are wanted here.
MasterDNSDomain   IN  A      xxx.yyy.zzz.121
SlaveDNSDomain    IN  A      xxx.yyy.zzz.122
ClientServerco01  IN  A      xxx.yyy.zzz.120
mydbhostname      IN  A      xxx.yyy.zzz.111
ClientServercr02  IN  A      xxx.yyy.zzz.112
ClientServerwb03  IN  A      xxx.yyy.zzz.113

; Last octet -> fully qualified host name. The trailing dot is required.
121               IN  PTR    MasterDNSDomain.example.local.
122               IN  PTR    SlaveDNSDomain.example.local.
120               IN  PTR    ClientServerco01.example.local.
111               IN  PTR    mydbhostname.example.local.
112               IN  PTR    ClientServercr02.example.local.
113               IN  PTR    ClientServerwb03.example.local.
  112.  
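  # Open DNS on both transports: UDP carries ordinary queries, TCP carries
  # zone transfers and answers too large for UDP.
  firewall-cmd --permanent --add-port=53/tcp
  firewall-cmd --permanent --add-port=53/udp
  # --permanent only writes the saved configuration. Reload so the running
  # firewall actually applies the two rules above.
  firewall-cmd --reload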
  115.  
  # Hand group ownership of the whole zone directory tree to "named".
  chgrp -R named /var/named
  # The main config stays owned by root, with group "named".
  # NOTE(review): the file mode is not set here. Check that it is not
  # world-readable if the config ever holds key material.
  chown -v root:named /etc/named.conf
  # Reset SELinux labels on the zone tree and the config.
  restorecon -rv /var/named
  restorecon /etc/named.conf
  120.  
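  // Global options for named. listen-on names xxx.yyy.zzz.122, the address the
  // zone data assigns to SlaveDNSDomain, so this appears to be the slave's copy.
  options {
      listen-on port 53 { 127.0.0.1; xxx.yyy.zzz.122; };
      listen-on-v6 port 53 { ::1; };
      directory "/var/named";
      dump-file "/var/named/data/cache_dump.db";
      statistics-file "/var/named/data/named_stats.txt";
      memstatistics-file "/var/named/data/named_mem_stats.txt";

      // Was xxx.yyy.zzz.0/30. A /30 matches only four addresses (.0 to .3),
      // while every host in the zone data sits between .111 and .122, so
      // none of them could query this server. Use the prefix that really
      // contains the clients, and keep it as narrow as the addressing plan
      // allows.
      allow-query { localhost; xxx.yyy.zzz.0/24; };

      // The original set no allow-transfer, which leaves the BIND default in
      // force (historically: any host may request a transfer). Nothing on
      // the page transfers zones from this server, so refuse them outright.
      allow-transfer { none; };

      // No allow-recursion is set, so who may recurse follows from the query
      // ACL above. Keep that ACL limited to internal clients so the server
      // does not become an open resolver.
      recursion yes;

      dnssec-enable yes;
      dnssec-validation yes;
      // NOTE(review): ISC has retired the DLV registry this option relies on.
      // Confirm the installed BIND still accepts it, and review whether this
      // line and the DLV key file below are still wanted.
      dnssec-lookaside auto;

      /* Path to ISC DLV key */
      bindkeys-file "/etc/named.iscdlv.key";

      managed-keys-directory "/var/named/dynamic";

      pid-file "/run/named/named.pid";
      session-keyfile "/run/named/session.key";
  };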
  144.  
  // Debug output channel. The file path is relative, so named resolves it
  // against the "directory" option (/var/named in the options block).
  logging {
      channel default_debug {
          file "data/named.run";
          // "dynamic" follows the server's current debug level rather than
          // a fixed severity.
          severity dynamic;
      };
  };
  151.  
  // Root hints used for recursive resolution.
  zone "." IN {
      type hint;
      file "named.ca";
  };

  // Secondary copy of the forward zone, pulled from the master at .121 and
  // cached under slaves/ (relative to the "directory" option).
  zone "example.local" IN {
      type slave;
      file "slaves/example.fwd";
      // The master is identified by IP address only. No TSIG key is
      // configured, so transfers are not cryptographically authenticated.
      masters { xxx.yyy.zzz.121; };
  };

  // Secondary copy of the reverse zone, from the same master.
  zone "zzz.yyy.xxx.in-addr.arpa" IN {
      type slave;
      file "slaves/example.rev";
      masters { xxx.yyy.zzz.121; };
  };

  include "/etc/named.rfc1912.zones";
  include "/etc/named.root.key";
  168.  
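  # The original opened only 53/tcp on this host. Ordinary DNS queries arrive
  # over UDP, so clients could not use the server as a resolver. Open both
  # transports, as the other firewall-cmd pair on this page does.
  firewall-cmd --permanent --add-port=53/tcp
  firewall-cmd --permanent --add-port=53/udp
  # --permanent only writes the saved configuration. Reload so the running
  # firewall actually applies the rules above.
  firewall-cmd --reload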
  170.  
  # Hand group ownership of the whole zone directory tree to "named".
  chgrp -R named /var/named
  # The main config stays owned by root, with group "named".
  # NOTE(review): the file mode is not set here. Check that it is not
  # world-readable if the config ever holds key material.
  chown -v root:named /etc/named.conf
  # Reset SELinux labels on the zone tree and the config.
  restorecon -rv /var/named
  restorecon /etc/named.conf
  175.  
  // Two allow-query variants shown side by side.
  // This one admits a full /24 (256 addresses) plus the server itself.
  options {
      allow-query { 192.168.196.0/24; localhost; };
  };

  // This one admits only xxx.yyy.zzz.0 through .3 plus the server itself.
  // A client such as .111 or .122 is outside a /30 and gets "denied".
  allow-query { localhost; xxx.yyy.zzz.0/30; };