- Nov 15 04:21:01 mydnshostname00 named[1057]: client xxx.yyy.zzz.111#51843 (mydbhostname.example.local.example.local): query 'mydbhostname.example.local.example.local/A/IN' **denied**
- Nov 15 04:21:01 mydnshostname00 named[1057]: client xxx.yyy.zzz.111#51843 (mydbhostname.example.local.example.local): query 'mydbhostname.example.local.example.local/AAAA/IN' **denied**
- Nov 15 04:24:11 mydnshostname00 named[1057]: client xxx.yyy.zzz.111#44369 (22.zzz.yyy.xxx.in-addr.arpa): query '22.zzz.yyy.xxx.in-addr.arpa/PTR/IN' **denied**
- .
- .
- .
- Nov 15 04:36:31 mydnshostname00 named[1057]: client xxx.yyy.zzz.122#26059 (example.local): query 'example.local/SOA/IN' **denied**
- // Global options for the master name server (loopback plus xxx.yyy.zzz.121).
- options {
- listen-on port 53 { 127.0.0.1; xxx.yyy.zzz.121; };
- listen-on-v6 port 53 { ::1; };
- directory "/var/named";
- dump-file "/var/named/data/cache_dump.db";
- statistics-file "/var/named/data/named_stats.txt";
- memstatistics-file "/var/named/data/named_mem_stats.txt";
- // NOTE(review): a /30 matches only four addresses (.0-.3 of the prefix). The clients in the
- // "denied" log lines (.111 and .122) are outside that range if they share the redacted first
- // three octets; confirm the real prefix length for the client subnet.
- allow-query { localhost; xxx.yyy.zzz.0/30; };
- // allow-transfer only governs zone transfers. The slave's SOA refresh is an ordinary query and
- // must also pass allow-query (see the denied SOA query from .122 in the log).
- // NOTE(review): this ACL is address-only; TSIG-keyed transfers would not depend on source IP.
- allow-transfer { localhost; xxx.yyy.zzz.122; };
- // NOTE(review): recursion is enabled on a server that also hosts authoritative zones; keep it
- // limited to internal clients so the server cannot act as an open resolver.
- recursion yes;
- dnssec-enable yes;
- dnssec-validation yes;
- // NOTE(review): depends on ISC's DLV registry, which has been retired; newer BIND releases
- // may reject this option. Check against the installed version.
- dnssec-lookaside auto;
- /* Path to ISC DLV key */
- bindkeys-file "/etc/named.iscdlv.key";
- managed-keys-directory "/var/named/dynamic";
- pid-file "/run/named/named.pid";
- session-keyfile "/run/named/session.key";
- };
- // Logging: only the debug channel is defined, written to data/named.run under the
- // server's working directory.
- // NOTE(review): denied requests are reported under BIND's "security" category; routing that
- // category to its own file channel would make ACL rejections easier to review.
- logging {
- channel default_debug {
- file "data/named.run";
- // "dynamic" follows the server's current debug level.
- severity dynamic;
- };
- };
- // Root hints used for recursive lookups.
- zone "." IN {
- type hint;
- file "named.ca";
- };
- // Forward zone, authoritative on this host; data is loaded from "forward.example".
- zone "example.local" IN{
- type master;
- file "forward.example";
- // Dynamic DNS updates are refused for this zone.
- allow-update { none; };
- };
- // Reverse (PTR) zone for the same network; data is loaded from "reverse.example".
- zone "zzz.yyy.xxx.in-addr.arpa" IN {
- type master;
- file "reverse.example";
- // Dynamic DNS updates are refused for this zone.
- allow-update { none; };
- };
- // Additional zone definitions and the root trust anchor are pulled in from these files.
- include "/etc/named.rfc1912.zones";
- include "/etc/named.root.key";
- ; Forward zone data for example.local (presumably the "forward.example" file; confirm).
- $TTL 86400
- @ IN SOA MasterDNSDomain.example.local. root.example.local. (
- ; The serial must be increased on every edit, otherwise the slave keeps its old copy.
- 2011071001 ;Serial
- 3600 ;Refresh
- 1800 ;Retry
- 604800 ;Expire
- 86400 ;Minimum TTL
- )
- ; Both name servers are published as authoritative for the zone.
- @ IN NS MasterDNSDomain.example.local.
- @ IN NS SlaveDNSDomain.example.local.
- ; Disabled apex records; only the .113 apex A record below is active.
- ;@ IN A xxx.yyy.zzz.121
- ;@ IN A xxx.yyy.zzz.122
- ;@ IN A xxx.yyy.zzz.120
- ;@ IN A xxx.yyy.zzz.111
- ;@ IN A xxx.yyy.zzz.112
- @ IN A xxx.yyy.zzz.113
- ; Host records. Names without a trailing dot are relative to the zone origin.
- MasterDNSDomain IN A xxx.yyy.zzz.121
- SlaveDNSDomain IN A xxx.yyy.zzz.122
- ClientServerco01 IN A xxx.yyy.zzz.120
- mydbhostname IN A xxx.yyy.zzz.111
- ClientServercr02 IN A xxx.yyy.zzz.112
- ClientServerwb03 IN A xxx.yyy.zzz.113
- www IN CNAME ClientServerwb03
- ; Reverse zone data (presumably the "reverse.example" file for zzz.yyy.xxx.in-addr.arpa; confirm).
- $TTL 86400
- @ IN SOA MasterDNSDomain.example.local. root.example.local. (
- ; The serial must be increased on every edit, otherwise the slave keeps its old copy.
- 2011071001 ;Serial
- 3600 ;Refresh
- 1800 ;Retry
- 604800 ;Expire
- 86400 ;Minimum TTL
- )
- @ IN NS MasterDNSDomain.example.local.
- @ IN NS SlaveDNSDomain.example.local.
- ; Address .113 has two PTR records: this one and the ClientServerwb03 entry further down.
- 113 IN PTR example.local.
- ; NOTE(review): these owner names have no trailing dot, so in a reverse zone they are relative
- ; to the in-addr.arpa origin and do not define hosts under example.local. Confirm they are wanted.
- MasterDNSDomain IN A xxx.yyy.zzz.121
- SlaveDNSDomain IN A xxx.yyy.zzz.122
- ClientServerco01 IN A xxx.yyy.zzz.120
- mydbhostname IN A xxx.yyy.zzz.111
- ClientServercr02 IN A xxx.yyy.zzz.112
- ClientServerwb03 IN A xxx.yyy.zzz.113
- ; PTR records: last octet -> fully qualified host name.
- 121 IN PTR MasterDNSDomain.example.local.
- 122 IN PTR SlaveDNSDomain.example.local.
- 120 IN PTR ClientServerco01.example.local.
- 111 IN PTR mydbhostname.example.local.
- 112 IN PTR ClientServercr02.example.local.
- 113 IN PTR ClientServerwb03.example.local.
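- # Master: open DNS (TCP and UDP 53) in the firewall. These rules admit any source address,
- # so the allow-query / allow-transfer ACLs in named.conf are the only restriction on clients.
- firewall-cmd --permanent --add-port=53/tcp
- firewall-cmd --permanent --add-port=53/udp
- # --permanent only changes the saved configuration; reload to apply it to the running firewall.
- firewall-cmd --reload
- # Let the named group read the zone data and configuration, keeping root as owner of named.conf.
- chgrp named -R /var/named
- chown -v root:named /etc/named.conf
- # Restore the default SELinux labels on the files touched above.
- restorecon -rv /var/named
- restorecon /etc/named.conf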
- // Global options for the slave name server (loopback plus xxx.yyy.zzz.122).
- options {
- listen-on port 53 { 127.0.0.1; xxx.yyy.zzz.122; };
- listen-on-v6 port 53 { ::1; };
- directory "/var/named";
- dump-file "/var/named/data/cache_dump.db";
- statistics-file "/var/named/data/named_stats.txt";
- memstatistics-file "/var/named/data/named_mem_stats.txt";
- // NOTE(review): a /30 matches only four addresses (.0-.3 of the prefix); hosts such as .111
- // would be refused here if they share the redacted first three octets. Confirm the prefix length.
- allow-query { localhost; xxx.yyy.zzz.0/30; };
- // NOTE(review): there is no allow-transfer statement in this block. If the installed BIND
- // defaults to permitting transfers from any host, add an explicit `allow-transfer { none; };`.
- // NOTE(review): recursion is enabled on a server that also serves authoritative zones; keep it
- // limited to internal clients so the server cannot act as an open resolver.
- recursion yes;
- dnssec-enable yes;
- dnssec-validation yes;
- // NOTE(review): depends on ISC's DLV registry, which has been retired; newer BIND releases
- // may reject this option. Check against the installed version.
- dnssec-lookaside auto;
- /* Path to ISC DLV key */
- bindkeys-file "/etc/named.iscdlv.key";
- managed-keys-directory "/var/named/dynamic";
- pid-file "/run/named/named.pid";
- session-keyfile "/run/named/session.key";
- };
- // Logging: only the debug channel is defined, written to data/named.run under the
- // server's working directory.
- logging {
- channel default_debug {
- file "data/named.run";
- // "dynamic" follows the server's current debug level.
- severity dynamic;
- };
- };
- // Root hints used for recursive lookups.
- zone "." IN {
- type hint;
- file "named.ca";
- };
- // Forward zone, held as a copy transferred from the master at xxx.yyy.zzz.121.
- zone "example.local" IN {
- type slave;
- file "slaves/example.fwd";
- // NOTE(review): the master is identified by address only; a TSIG key on the masters list
- // would authenticate the transfer source.
- masters { xxx.yyy.zzz.121; };
- };
- // Reverse zone, also transferred from the same master.
- zone "zzz.yyy.xxx.in-addr.arpa" IN {
- type slave;
- file "slaves/example.rev";
- masters { xxx.yyy.zzz.121; };
- };
- // Additional zone definitions and the root trust anchor are pulled in from these files.
- include "/etc/named.rfc1912.zones";
- include "/etc/named.root.key";
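- # Slave: open DNS in the firewall. The slave is published as an NS for the zone, so it must
- # accept ordinary queries over UDP 53 as well as TCP 53. The original opened TCP only.
- firewall-cmd --permanent --add-port=53/tcp
- firewall-cmd --permanent --add-port=53/udp
- # --permanent only changes the saved configuration; reload to apply it to the running firewall.
- firewall-cmd --reload
- # Let the named group read the zone data and configuration, keeping root as owner of named.conf.
- chgrp named -R /var/named
- chown -v root:named /etc/named.conf
- # Restore the default SELinux labels on the files touched above.
- restorecon -rv /var/named
- restorecon /etc/named.conf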
- // Two allow-query forms side by side (presumably a reference example and the one in use).
- // A /24 spans 256 addresses; a /30 spans only four, so the two ACLs admit very different client sets.
- options { allow-query { 192.168.196.0/24; localhost; }; };
- allow-query { localhost; xxx.yyy.zzz.0/30; };