Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- named.conf.options:
- ```
- options {
- directory "/var/cache/bind";
- forwarders {
- 8.8.8.8;
- 1.1.1.1;
- 9.9.9.9;
- };
- dnssec-validation auto;
- auth-nxdomain no; # conform to RFC1035
- allow-query { any; };
- listen-on port 53 { 127.0.0.1; 192.168.0.101; };
- listen-on-v6 { any; };
- querylog yes;
- rate-limit {
- responses-per-second 10;// # of good responses per prefix-length/sec
- log-only yes;
- };
- };
- ```
- named.conf.local:
- ```
- acl slaves {
- 69.65.50.192; // ns2.afraid.org
- };
- acl internals {
- 127.0.0.0/8;
- 192.168.0.0/24;
- };
- // internal clients only (lan side)
- view "internal" {
- match-clients { internals; };
- recursion yes;
- ... //irrelevant, for lan side only
- };
- // external clients only (wan side)
- view "external" {
- match-clients { any; };
- recursion no;
- //forward zone:
- zone "mydomain.tk" {
- type master;
- file "/etc/bind/db.forward.wan";
- allow-transfer { slaves; };
- };
- };
- ```
- zone file /etc/bind/db.forward.wan
- ```
- $TTL 604800
- mydomain.tk. IN SOA homeserver.ddns.net. root.mydomain.tk. (
- 20 ; Serial
- 604800 ; Refresh
- 86400 ; Retry
- 2419200 ; Expire
- 604800 ) ; Negative Cache TTL
- IN NS homeserver.ddns.net.
- IN NS ns2.afraid.org.
- ;
- @ IN A 86.123.123.123
- www IN CNAME mydomain.tk.
- ```
- As you can see
- - my homeserver is homeserver.ddns.net, acting as master nameserver
- - the domain I am trying to host is mydomain.tk (I guess there's no need for glue records)
- - the slave is set as ns2.afraid.org (free backup dns service, it has correctly trasnferred my records, I checked serial)
- - there's no need for glue records (my master dns server is homeserver.ddns.net but zone is mydomain.tk)
- - I have configured at the mdomain.tk registrar (freenom) 2 NS records pointing to homeserver.ddns.net and ns2.afraid.org
- Thanks
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
