bind9 dosn't server requests

1. # /etc/bind/named.conf
2. include "/etc/bind/named.conf.log";
3. include "/etc/bind/named.conf.acl";
4. include "/etc/bind/named.conf.options";
5. include "/etc/bind/named.conf.controls";
6. include "/etc/bind/named.conf.local";
7. include "/etc/bind/named.conf.default-zones";
8. include "/etc/bind/bind.keys";
9.  
10.  
11. # /etc/bind/named.conf.log
12. logging {
13. channel default {
14. file "/var/log/bind/bind.log" size 5m;
15. severity warning;
16. print-time yes;
17. print-severity yes;
18. print-category yes;
19. };
20.  
21. channel security_channel {
22. file "/var/log/bind/security.log";
23. severity debug;
24. print-time yes;
25. print-category yes;
26. print-severity yes;
27. };
28.  
29. channel xfer_log {
30. file "/var/log/bind/xfer.log";
31. severity info;
32. print-time yes;
33. print-category yes;
34. print-severity yes;
35. };
36.  
37. channel dnssec {
38. file "/var/log/bind/dnssec.log";
39. severity info;
40. print-time yes;
41. print-category yes;
42. print-severity yes;
43. };
44.  
45. channel query_log {
46. file "/var/log/bind/bind9-query.log";
47. severity debug 3;
48. print-time yes;
49. print-category yes;
50. print-severity yes;
51. };
52.  
53. category default { default; };
54. category dnssec { dnssec; };
55. category security { security_channel; default; };
56. category update-security { security_channel; default; };
57. category queries { query_log; };
58. category xfer-in { xfer_log; };
59. category xfer-out { xfer_log; };
60. category notify { xfer_log; };
61. category lame-servers { null; };
62. };
63.  
64.  
65. # /etc/bind/named.conf.acl
66. acl locals {
67. localhost;
68. ::1;
69. 127.0.0.1;
70. 127.0/8;
71. };
72. acl mynetworks {
73. 192.168.210.0/23; // Static+Dyn LAN via IPv4
74. 192.168.220.0/24; // Static+Dyn LAN via IPv4
75.  
76. 2001:16d8:ddde:10::/63; // Sixxs /48 range
77. 2001:16d8:ddde:20::/64; // Sixxs /48 range
78. // 2001:X:Y::/48; // routed IPv6 /48
79. fe80::/16; // Link-Local IPv6
80. };
81. acl guestnetwork {
82. 192.168.230.0/24; // Guest routed IPv4
83. 2001:16d8:ddde:30::/64; // Sixxs /48 range
84. };
85. acl testnetwork {
86. 192.168.240.0/24; // Guest routed IPv4
87. 2001:16d8:ddde:40::/64; // Sixxs /48 range
88. };
89. acl bgp-vpn {
90. 192.168.1.11; // cvs on Semark network
91. 2001:470:ded5:88::11/128; // cvs on Semark network
92. 192.168.1.14;
93. 2001:470:ded5:88::14/128;
94. };
95. acl semark {
96. 192.168.0.0/23;
97. };
98. acl blocked {
99. // Put blocked addresses here
100.  
101. };
102.  
103.  
104. # /etc/bind/named.conf.options
105. options {
106. directory "/var/cache/bind";
107. statistics-file "/var/bind/data/bind_stats.txt";
108. memstatistics-file "/var/bind/data/bind_mem_stats.txt";
109.  
110. forwarders {
111. 8.8.8.8;
112. 8.8.4.4;
113. 2001:4860:4860::8888;
114. 2001:4860:4860::8844;
115. };
116.  
117. dnssec-enable yes;
118. dnssec-validation yes;
119. dnssec-lookaside auto;
120.  
121. auth-nxdomain no; # conform to RFC1035
122.  
123. listen-on { any; };
124. listen-on-v6 { any; };
125.  
126. query-source address * ;
127. query-source-v6 address * ;
128.  
129. recursion yes;
130. version "REFUSED";
131.  
132. # provide-ixfr yes;
133. # ixfr-from-differences yes;
134.  
135. allow-query-cache {
136. locals;
137. mynetworks;
138. guestnetwork;
139. };
140. allow-query {
141. locals;
142. mynetworks;
143. guestnetwork;
144. bgp-vpn;
145. semark;
146. };
147. allow-transfer {
148. locals;
149. bgp-vpn;
150. };
151. allow-recursion {
152. locals;
153. mynetworks;
154. guestnetwork;
155. bgp-vpn;
156. };
157.  
158. blackhole {
159. blocked;
160. };
161.  
162. tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
163. };
164.  
165.  
166. # /etc/bind/named.conf.controls
167. controls {
168. inet 127.0.0.1 port 953
169. allow { locals; } keys { "rndc-key"; };
170. inet ::1 port 953
171. allow { locals; } keys { "rndc-key"; };
172.  
173. };
174.  
175.  
176. # /etc/bind/named.conf.local (only parts of it, but it's the same deal for the rest)
177. include "/etc/bind/rndc.key";
178. include "/etc/bind/transfer.key";
179. include "/etc/bind/zones.rfc1918";
180.  
181. zone "semarkit.net" {
182. type master;
183. allow-transfer {
184. locals;
185. bgp-vpn;
186. key "transfer-key";
187. };
188. also-notify {
189. 2001:470:ded5:88::11;
190. };
191. file "/etc/bind/master/semarkit.net";
192.  
193. // DNSSEC
194. key-directory "/var/cache/bind";
195. update-policy {
196. grant "rndc-key" name ANY;
197. };
198. auto-dnssec maintain;
199. inline-signing yes;
200. };
201. [...]
202. zone "dyn.semarkit.net" {
203. type master;
204. allow-transfer {
205. locals;
206. bgp-vpn;
207. key "transfer-key";
208. };
209. also-notify {
210. 2001:470:ded5:88::11;
211. };
212. file "/etc/bind/master/dyn.semarkit.net";
213.  
214. // DNSSEC
215. key-directory "/var/cache/bind";
216. update-policy {
217. grant "rndc-key" name ANY;
218. };
219. auto-dnssec maintain;
220. inline-signing yes;
221. };
222. zone "211.168.192.in-addr.arpa" {
223. type master;
224. allow-transfer {
225. locals;
226. bgp-vpn;
227. key "transfer-key";
228. };
229. also-notify {
230. 2001:470:ded5:88::11;
231. };
232. file "/etc/bind/master/db.192.168.255";
233.  
234. // DNSSEC
235. key-directory "/var/cache/bind";
236. update-policy {
237. grant "rndc-key" tcp-self ANY;
238. };
239. auto-dnssec maintain;
240. inline-signing yes;
241. };
242. zone "1.1.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
243. type master;
244. allow-transfer {
245. locals;
246. bgp-vpn;
247. key "transfer-key";
248. };
249. also-notify {
250. 2001:470:ded5:88::11;
251. };
252. file "/etc/bind/master/db.2001.470.dd5b.fe.1";
253.  
254. // DNSSEC
255. key-directory "/var/cache/bind";
256. update-policy {
257. grant "rndc-key" tcp-self ANY;
258. };
259. auto-dnssec maintain;
260. inline-signing yes;
261. };
262. [...]
263. zone "semark.dk" {
264. type slave;
265. masters { 2001:470:ded5:88::11; };
266. file "/etc/bind/slave/semark.dk";
267. };
268.  
269.  
270. # /etc/bind/named.conf.default-zones
271. // prime the server with knowledge of the root servers
272. zone "." {
273. type hint;
274. file "/etc/bind/db.root";
275. };
276. zone "localhost" {
277. type master;
278. file "/etc/bind/db.local";
279. };
280. zone "127.in-addr.arpa" {
281. type master;
282. file "/etc/bind/db.127";
283. };
284. zone "0.in-addr.arpa" {
285. type master;
286. file "/etc/bind/db.0";
287. };
288. zone "255.in-addr.arpa" {
289. type master;
290. file "/etc/bind/db.255";
291. };
292.  
293.  
294. # ls -la /etc/bind/
295. -rw-r--r-- 1 bind bind 2389 Jan 1 2015 bind.keys
296. -rw-r--r-- 1 bind bind 237 Jan 1 2015 db.0
297. -rw-r--r-- 1 bind bind 271 Jan 1 2015 db.127
298. -rw-r--r-- 1 bind bind 237 Jan 1 2015 db.255
299. -rw-r--r-- 1 bind bind 353 Jan 1 2015 db.empty
300. -rw-r--r-- 1 bind bind 270 Jan 1 2015 db.local
301. -rw-r--r-- 1 bind bind 3171 Jul 2 12:41 db.root
302. lrwxrwxrwx 1 root bind 15 Nov 21 12:29 keys -> /var/cache/bind
303. drwxrwsrwx 2 bind bind 4096 Nov 21 12:52 master
304. -rw-r--r-- 1 bind bind 607 Nov 21 12:43 named.conf
305. -rw-r--r-- 1 bind bind 985 Nov 21 09:50 named.conf.acl
306. -rw-r--r-- 1 bind bind 141 Nov 21 11:05 named.conf.controls
307. -rw-r--r-- 1 bind bind 490 Jan 1 2015 named.conf.default-zones
308. -rw-r--r-- 1 bind bind 8299 Nov 21 10:50 named.conf.local
309. -rw-r--r-- 1 bind bind 1071 Aug 9 10:47 named.conf.log
310. -rw-r--r-- 1 bind bind 1034 Nov 21 12:43 named.conf.options
311. -rwxrwxrwx 1 bind bind 77 Jan 27 2015 rndc.key
312. drwxr-sr-x 2 bind bind 4096 Nov 19 10:17 slave
313. -rw-r----- 1 bind bind 101 Jun 8 2015 transfer.key
314. -rw-r--r-- 1 bind bind 1317 Jan 1 2015 zones.rfc1918
315.  
316.  
317. # /etc/bind/rndc.key
318. key "rndc-key" {
319. algorithm hmac-md5;
320. secret "RemovedForSomeReasonOFC";
321. };
322.  
323.  
324. # /etc/bind/master/dyn.semarkit.net (before signed)
325. $ORIGIN .
326. $TTL 86400 ; 1 day
327. dyn.semarkit.net IN SOA ns1.static.semarkit.net. zonemaster.static.semarkit.net. (
328. 2016112111 ; serial
329. 14400 ; refresh (4 hours)
330. 7200 ; retry (2 hours)
331. 2419200 ; expire (4 weeks)
332. 3600 ; minimum (1 hour)
333. )
334. NS ns1.static.semarkit.net.
335. NS ns2.static.semarkit.net.
336. $ORIGIN dyn.semarkit.net.
337. $TTL 3600 ; 1 hour
338. somehostname1 A 192.168.211.53
339. TXT "029f0efce9cf5ca63568d9a132f26cc86e"
340. somehostname2 A 192.168.211.91
341. TXT "022699ab2d36dee71a9d8591093e452294"
342.  
343.  
344. # ls -la /etc/bind/master/
345. -rw-r--r-- 1 bind bind 4016 Nov 21 01:45 dyn.semarkit.net
346. -rw-r--r-- 1 bind bind 512 Nov 21 13:13 dyn.semarkit.net.jbk
347. -rw-r--r-- 1 bind bind 3986 Nov 21 13:36 dyn.semarkit.net.signed.jnl
348. -rw-r--r-- 1 bind bind 2725 Nov 21 01:45 semarkit.net
349. -rw-r--r-- 1 bind bind 512 Nov 21 13:13 semarkit.net.jbk
350. -rw-r--r-- 1 bind bind 1666 Nov 21 13:36 semarkit.net.signed.jnl
351.  
352.  
353. # /var/log/syslog
354. Nov 21 12:34:10 hds-lenovo named[4361]: starting BIND 9.10.3-P4-Debian <id:ebd72b3> -f -u bind
355. Nov 21 12:34:10 hds-lenovo named[4361]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--libdir=/usr/lib/x86_64-linux-gnu' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' '--enable-native-pkcs11' '--with-pkcs11=/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so' 'CFLAGS=-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE' 'LDFLAGS=-fPIE -pie -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2 -DDIG_SIGCHASE'
356. Nov 21 12:34:10 hds-lenovo named[4361]: ----------------------------------------------------
357. Nov 21 12:34:10 hds-lenovo named[4361]: BIND 9 is maintained by Internet Systems Consortium,
358. Nov 21 12:34:10 hds-lenovo named[4361]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
359. Nov 21 12:34:10 hds-lenovo named[4361]: corporation. Support and training for BIND 9 are
360. Nov 21 12:34:10 hds-lenovo named[4361]: available at https://www.isc.org/support
361. Nov 21 12:34:10 hds-lenovo named[4361]: ----------------------------------------------------
362. Nov 21 12:34:10 hds-lenovo named[4361]: adjusted limit on open files from 4096 to 1048576
363. Nov 21 12:34:10 hds-lenovo named[4361]: found 2 CPUs, using 2 worker threads
364. Nov 21 12:34:10 hds-lenovo named[4361]: using 2 UDP listeners per interface
365. Nov 21 12:34:10 hds-lenovo named[4361]: using up to 4096 sockets
366. Nov 21 12:34:10 hds-lenovo named[4361]: loading configuration from '/etc/bind/named.conf'
367. Nov 21 12:34:10 hds-lenovo named[4361]: reading built-in trusted keys from file '/etc/bind/bind.keys'
368. Nov 21 12:34:10 hds-lenovo named[4361]: initializing GeoIP Country (IPv4) (type 1) DB
369. Nov 21 12:34:10 hds-lenovo named[4361]: GEO-106FREE 20150810 Build
370. Nov 21 12:34:10 hds-lenovo named[4361]: initializing GeoIP Country (IPv6) (type 12) DB
371. Nov 21 12:34:10 hds-lenovo named[4361]: GEO-106FREE 20150810 Build
372. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP City (IPv4) (type 2) DB not available
373. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP City (IPv4) (type 6) DB not available
374. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP City (IPv6) (type 30) DB not available
375. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP City (IPv6) (type 31) DB not available
376. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP Region (type 3) DB not available
377. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP Region (type 7) DB not available
378. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP ISP (type 4) DB not available
379. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP Org (type 5) DB not available
380. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP AS (type 9) DB not available
381. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP Domain (type 11) DB not available
382. Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP NetSpeed (type 10) DB not available
383. Nov 21 12:34:10 hds-lenovo named[4361]: using default UDP/IPv4 port range: [32768, 61000]
384. Nov 21 12:34:10 hds-lenovo named[4361]: using default UDP/IPv6 port range: [32768, 61000]
385. Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv6 interfaces, port 53
386. Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface lo, 127.0.0.1#53
387. Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface vlan10, 192.168.210.5#53
388. Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface vlan20, 192.168.220.5#53
389. Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface vlan30, 192.168.230.5#53
390. Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface vlan40, 192.168.240.5#53
391. Nov 21 12:34:10 hds-lenovo named[4361]: generating session key for dynamic DNS
392. Nov 21 12:34:10 hds-lenovo named[4361]: sizing zone task pool based on 52 zones
393. Nov 21 12:34:10 hds-lenovo named[4361]: using built-in DLV key for view _default
394. Nov 21 12:34:10 hds-lenovo named[4361]: set up managed keys zone for view _default, file 'managed-keys.bind'
395. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 64.100.IN-ADDR.ARPA
396. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 65.100.IN-ADDR.ARPA
397. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 66.100.IN-ADDR.ARPA
398. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 67.100.IN-ADDR.ARPA
399. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 68.100.IN-ADDR.ARPA
400. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 69.100.IN-ADDR.ARPA
401. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 70.100.IN-ADDR.ARPA
402. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 71.100.IN-ADDR.ARPA
403. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 72.100.IN-ADDR.ARPA
404. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 73.100.IN-ADDR.ARPA
405. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 74.100.IN-ADDR.ARPA
406. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 75.100.IN-ADDR.ARPA
407. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 76.100.IN-ADDR.ARPA
408. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 77.100.IN-ADDR.ARPA
409. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 78.100.IN-ADDR.ARPA
410. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 79.100.IN-ADDR.ARPA
411. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 80.100.IN-ADDR.ARPA
412. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 81.100.IN-ADDR.ARPA
413. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 82.100.IN-ADDR.ARPA
414. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 83.100.IN-ADDR.ARPA
415. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 84.100.IN-ADDR.ARPA
416. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 85.100.IN-ADDR.ARPA
417. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 86.100.IN-ADDR.ARPA
418. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 87.100.IN-ADDR.ARPA
419. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 88.100.IN-ADDR.ARPA
420. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 89.100.IN-ADDR.ARPA
421. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 90.100.IN-ADDR.ARPA
422. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 91.100.IN-ADDR.ARPA
423. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 92.100.IN-ADDR.ARPA
424. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 93.100.IN-ADDR.ARPA
425. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 94.100.IN-ADDR.ARPA
426. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 95.100.IN-ADDR.ARPA
427. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 96.100.IN-ADDR.ARPA
428. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 97.100.IN-ADDR.ARPA
429. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 98.100.IN-ADDR.ARPA
430. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 99.100.IN-ADDR.ARPA
431. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 100.100.IN-ADDR.ARPA
432. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 101.100.IN-ADDR.ARPA
433. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 102.100.IN-ADDR.ARPA
434. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 103.100.IN-ADDR.ARPA
435. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 104.100.IN-ADDR.ARPA
436. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 105.100.IN-ADDR.ARPA
437. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 106.100.IN-ADDR.ARPA
438. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 107.100.IN-ADDR.ARPA
439. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 108.100.IN-ADDR.ARPA
440. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 109.100.IN-ADDR.ARPA
441. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 110.100.IN-ADDR.ARPA
442. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 111.100.IN-ADDR.ARPA
443. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 112.100.IN-ADDR.ARPA
444. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 113.100.IN-ADDR.ARPA
445. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 114.100.IN-ADDR.ARPA
446. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 115.100.IN-ADDR.ARPA
447. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 116.100.IN-ADDR.ARPA
448. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 117.100.IN-ADDR.ARPA
449. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 118.100.IN-ADDR.ARPA
450. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 119.100.IN-ADDR.ARPA
451. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 120.100.IN-ADDR.ARPA
452. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 121.100.IN-ADDR.ARPA
453. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 122.100.IN-ADDR.ARPA
454. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 123.100.IN-ADDR.ARPA
455. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 124.100.IN-ADDR.ARPA
456. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 125.100.IN-ADDR.ARPA
457. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 126.100.IN-ADDR.ARPA
458. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 127.100.IN-ADDR.ARPA
459. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 254.169.IN-ADDR.ARPA
460. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
461. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
462. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
463. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
464. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
465. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
466. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: D.F.IP6.ARPA
467. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 8.E.F.IP6.ARPA
468. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 9.E.F.IP6.ARPA
469. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: A.E.F.IP6.ARPA
470. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: B.E.F.IP6.ARPA
471. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
472. Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: EMPTY.AS112.ARPA
473. Nov 21 12:34:10 hds-lenovo named[4361]: command channel listening on 127.0.0.1#953
474. Nov 21 12:34:10 hds-lenovo named[4361]: command channel listening on ::1#953
475.  
476. # /var/log/bind/bind.log
477. 21-Nov-2016 12:34:10.202 general: warning: /etc/bind/master/semarkit.org:5: ignoring out-of-zone data (semarkit.dk)
478. 21-Nov-2016 12:34:10.202 general: warning: /etc/bind/master/semarkit.org:11: ignoring out-of-zone data (semarkit.org)
479. 21-Nov-2016 12:34:10.208 general: warning: /etc/bind/master/semarkit.org:8: ignoring out-of-zone data (semarkit.eu)
480. 21-Nov-2016 12:34:10.208 general: warning: /etc/bind/master/semarkit.org:11: ignoring out-of-zone data (semarkit.org)
481. 21-Nov-2016 12:34:10.208 general: warning: /etc/bind/master/semarkit.org:5: ignoring out-of-zone data (semarkit.dk)
482. 21-Nov-2016 12:34:10.208 general: warning: /etc/bind/master/semarkit.org:8: ignoring out-of-zone data (semarkit.eu)
483. 21-Nov-2016 12:34:10.214 general: error: zone printers.semarkit.net/IN (signed): journal rollforward failed: journal out of sync with zone
484. 21-Nov-2016 12:34:10.214 general: error: zone printers.semarkit.net/IN (signed): not loaded due to errors.
485. 21-Nov-2016 12:34:10.214 general: error: zone printers.semarkit.net/IN (signed): receive_secure_db: out of range
486. 21-Nov-2016 12:34:10.219 general: error: zone 210.168.192.in-addr.arpa/IN (signed): receive_secure_serial: unchanged
487. 21-Nov-2016 12:34:10.219 general: error: zone 230.168.192.in-addr.arpa/IN (signed): receive_secure_serial: unchanged
488. 21-Nov-2016 12:34:10.219 general: error: zone 0.1.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa/IN (signed): receive_secure_serial: unchanged
489. 21-Nov-2016 12:34:10.229 general: error: zone 200.168.192.in-addr.arpa/IN (signed): receive_secure_serial: unchanged
490.  
491.  
492. # dig -x wiki.semarkit.net @192.168.210.5
493. ; <<>> DiG 9.9.5-11-Debian <<>> -x wiki.semarkit.net @192.168.210.5
494. ;; global options: +cmd
495. ;; connection timed out; no servers could be reached
496.  
497.  
498.  
499. # named-checkconf -px
500. options {
501. blackhole {
502. "blocked";
503. };
504. directory "/var/cache/bind";
505. listen-on {
506. "any";
507. };
508. listen-on-v6 {
509. "any";
510. };
511. memstatistics-file "/var/bind/data/bind_mem_stats.txt";
512. statistics-file "/var/bind/data/bind_stats.txt";
513. tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
514. version "REFUSED";
515. allow-query-cache {
516. "locals";
517. "mynetworks";
518. "guestnetwork";
519. };
520. allow-recursion {
521. "locals";
522. "mynetworks";
523. "guestnetwork";
524. "bgp-vpn";
525. };
526. auth-nxdomain no;
527. dnssec-enable yes;
528. dnssec-lookaside auto;
529. dnssec-validation yes;
530. query-source address 0.0.0.0 port 0;
531. query-source-v6 address :: port 0;
532. recursion yes;
533. allow-query {
534. "locals";
535. "mynetworks";
536. "guestnetwork";
537. "bgp-vpn";
538. "semark";
539. };
540. allow-transfer {
541. "locals";
542. "bgp-vpn";
543. };
544. forwarders {
545. 8.8.8.8;
546. 8.8.4.4;
547. 2001:4860:4860::8888;
548. 2001:4860:4860::8844;
549. };
550. };
551. controls {
552. inet 127.0.0.1 port 953 allow {
553. "locals";
554. } keys {
555. "rndc-key";
556. };
557. inet ::1 port 953 allow {
558. "locals";
559. } keys {
560. "rndc-key";
561. };
562. };
563. acl "locals" {
564. "localhost";
565. ::1/128;
566. 127.0.0.1/32;
567. 127.0.0.0/8;
568. };
569. acl "mynetworks" {
570. 192.168.210.0/23;
571. 192.168.220.0/24;
572. 2001:16d8:ddde:10::/63;
573. 2001:16d8:ddde:20::/64;
574. fe80::/16;
575. };
576. acl "guestnetwork" {
577. 192.168.230.0/24;
578. 2001:16d8:ddde:30::/64;
579. };
580. acl "testnetwork" {
581. 192.168.240.0/24;
582. 2001:16d8:ddde:40::/64;
583. };
584. acl "bgp-vpn" {
585. 192.168.1.11/32;
586. 2001:470:ded5:88::11/128;
587. 192.168.1.14/32;
588. 2001:470:ded5:88::14/128;
589. };
590. acl "semark" {
591. 192.168.0.0/23;
592. };
593. acl "blocked" {
594. };
595. logging {
596. channel "default" {
597. file "/var/log/bind/bind.log" size 5242880;
598. severity warning;
599. print-time yes;
600. print-severity yes;
601. print-category yes;
602. };
603. channel "security_channel" {
604. file "/var/log/bind/security.log";
605. severity debug 1;
606. print-time yes;
607. print-severity yes;
608. print-category yes;
609. };
610. channel "xfer_log" {
611. file "/var/log/bind/xfer.log";
612. severity info;
613. print-time yes;
614. print-severity yes;
615. print-category yes;
616. };
617. channel "dnssec" {
618. file "/var/log/bind/dnssec.log";
619. severity info;
620. print-time yes;
621. print-severity yes;
622. print-category yes;
623. };
624. channel "query_log" {
625. file "/var/log/bind/bind9-query.log";
626. severity debug 3;
627. print-time yes;
628. print-severity yes;
629. print-category yes;
630. };
631. category "default" {
632. "default";
633. };
634. category "dnssec" {
635. "dnssec";
636. };
637. category "security" {
638. "security_channel";
639. "default";
640. };
641. category "update-security" {
642. "security_channel";
643. "default";
644. };
645. category "queries" {
646. "query_log";
647. };
648. category "xfer-in" {
649. "xfer_log";
650. };
651. category "xfer-out" {
652. "xfer_log";
653. };
654. category "notify" {
655. "xfer_log";
656. };
657. category "lame-servers" {
658. "null";
659. };
660. };
661. key "rndc-key" {
662. algorithm "hmac-md5";
663. secret "????????????????????????";
664. };
665. key "transfer-key" {
666. algorithm "hmac-md5";
667. secret "????????????????????????????????????????????";
668. };
669. zone "10.in-addr.arpa" {
670. type master;
671. file "/etc/bind/db.empty";
672. };
673. zone "16.172.in-addr.arpa" {
674. type master;
675. file "/etc/bind/db.empty";
676. };
677. zone "17.172.in-addr.arpa" {
678. type master;
679. file "/etc/bind/db.empty";
680. };
681. zone "18.172.in-addr.arpa" {
682. type master;
683. file "/etc/bind/db.empty";
684. };
685. zone "19.172.in-addr.arpa" {
686. type master;
687. file "/etc/bind/db.empty";
688. };
689. zone "20.172.in-addr.arpa" {
690. type master;
691. file "/etc/bind/db.empty";
692. };
693. zone "21.172.in-addr.arpa" {
694. type master;
695. file "/etc/bind/db.empty";
696. };
697. zone "22.172.in-addr.arpa" {
698. type master;
699. file "/etc/bind/db.empty";
700. };
701. zone "23.172.in-addr.arpa" {
702. type master;
703. file "/etc/bind/db.empty";
704. };
705. zone "24.172.in-addr.arpa" {
706. type master;
707. file "/etc/bind/db.empty";
708. };
709. zone "25.172.in-addr.arpa" {
710. type master;
711. file "/etc/bind/db.empty";
712. };
713. zone "26.172.in-addr.arpa" {
714. type master;
715. file "/etc/bind/db.empty";
716. };
717. zone "27.172.in-addr.arpa" {
718. type master;
719. file "/etc/bind/db.empty";
720. };
721. zone "28.172.in-addr.arpa" {
722. type master;
723. file "/etc/bind/db.empty";
724. };
725. zone "29.172.in-addr.arpa" {
726. type master;
727. file "/etc/bind/db.empty";
728. };
729. zone "30.172.in-addr.arpa" {
730. type master;
731. file "/etc/bind/db.empty";
732. };
733. zone "31.172.in-addr.arpa" {
734. type master;
735. file "/etc/bind/db.empty";
736. };
737. zone "168.192.in-addr.arpa" {
738. type master;
739. file "/etc/bind/db.empty";
740. };
741. zone "semarkit.net" {
742. type master;
743. file "/etc/bind/master/semarkit.net";
744. update-policy {
745. grant "rndc-key" name "ANY" ;
746. };
747. allow-transfer {
748. "locals";
749. "bgp-vpn";
750. key "transfer-key";
751. };
752. also-notify {
753. 2001:470:ded5:88::11 ;
754. };
755. auto-dnssec maintain;
756. inline-signing yes;
757. key-directory "/var/cache/bind";
758. };
759. zone "static.semarkit.net" {
760. type master;
761. file "/etc/bind/master/static.semarkit.net";
762. update-policy {
763. grant "rndc-key" name "ANY" ;
764. };
765. allow-transfer {
766. "locals";
767. "bgp-vpn";
768. key "transfer-key";
769. };
770. also-notify {
771. 2001:470:ded5:88::11 ;
772. };
773. auto-dnssec maintain;
774. inline-signing yes;
775. key-directory "/var/cache/bind";
776. };
777. zone "210.168.192.in-addr.arpa" {
778. type master;
779. file "/etc/bind/master/db.192.168.254";
780. update-policy {
781. grant "rndc-key" tcp-self "ANY" ;
782. };
783. allow-transfer {
784. "locals";
785. "bgp-vpn";
786. key "transfer-key";
787. };
788. also-notify {
789. 2001:470:ded5:88::11 ;
790. };
791. auto-dnssec maintain;
792. inline-signing yes;
793. key-directory "/var/cache/bind";
794. };
795. zone "0.1.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
796. type master;
797. file "/etc/bind/master/db.2001.470.dd5b.fe.0";
798. update-policy {
799. grant "rndc-key" tcp-self "ANY" ;
800. };
801. allow-transfer {
802. "locals";
803. "bgp-vpn";
804. key "transfer-key";
805. };
806. also-notify {
807. 2001:470:ded5:88::11 ;
808. };
809. auto-dnssec maintain;
810. inline-signing yes;
811. key-directory "/var/cache/bind";
812. };
813. zone "printers.semarkit.net" {
814. type master;
815. file "/etc/bind/master/printers.semarkit.net";
816. update-policy {
817. grant "rndc-key" name "ANY" ;
818. };
819. allow-transfer {
820. "locals";
821. "bgp-vpn";
822. key "transfer-key";
823. };
824. also-notify {
825. };
826. auto-dnssec maintain;
827. inline-signing yes;
828. key-directory "/var/cache/bind";
829. };
830. zone "220.168.192.in-addr.arpa" {
831. type master;
832. file "/etc/bind/master/db.192.168.220";
833. update-policy {
834. grant "rndc-key" tcp-self "ANY" ;
835. };
836. allow-transfer {
837. "locals";
838. "bgp-vpn";
839. key "transfer-key";
840. };
841. also-notify {
842. };
843. auto-dnssec maintain;
844. inline-signing yes;
845. key-directory "/var/cache/bind";
846. };
847. zone "0.2.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
848. type master;
849. file "/etc/bind/master/db.2001.470.dd5b.fc";
850. update-policy {
851. grant "rndc-key" tcp-self "ANY" ;
852. };
853. allow-transfer {
854. "locals";
855. "bgp-vpn";
856. key "transfer-key";
857. };
858. also-notify {
859. };
860. auto-dnssec maintain;
861. inline-signing yes;
862. key-directory "/var/cache/bind";
863. };
864. zone "management.semarkit.net" {
865. type master;
866. file "/etc/bind/master/management.semarkit.net";
867. update-policy {
868. grant "rndc-key" name "ANY" ;
869. };
870. allow-transfer {
871. "locals";
872. "bgp-vpn";
873. key "transfer-key";
874. };
875. also-notify {
876. 2001:470:ded5:88::11 ;
877. };
878. auto-dnssec maintain;
879. inline-signing yes;
880. key-directory "/var/cache/bind";
881. };
882. zone "200.168.192.in-addr.arpa" {
883. type master;
884. file "/etc/bind/master/db.192.168.200";
885. update-policy {
886. grant "rndc-key" tcp-self "ANY" ;
887. };
888. allow-transfer {
889. "locals";
890. "bgp-vpn";
891. key "transfer-key";
892. };
893. also-notify {
894. 2001:470:ded5:88::11 ;
895. };
896. auto-dnssec maintain;
897. inline-signing yes;
898. key-directory "/var/cache/bind";
899. };
900. zone "0.0.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
901. type master;
902. file "/etc/bind/master/db.2001.16d8.ddde.00";
903. update-policy {
904. grant "rndc-key" tcp-self "ANY" ;
905. };
906. allow-transfer {
907. "locals";
908. "bgp-vpn";
909. key "transfer-key";
910. };
911. also-notify {
912. 2001:470:ded5:88::11 ;
913. };
914. auto-dnssec maintain;
915. inline-signing yes;
916. key-directory "/var/cache/bind";
917. };
918. zone "dyn.semarkit.net" {
919. type master;
920. file "/etc/bind/master/dyn.semarkit.net";
921. update-policy {
922. grant "rndc-key" name "ANY" ;
923. };
924. allow-transfer {
925. "locals";
926. "bgp-vpn";
927. key "transfer-key";
928. };
929. also-notify {
930. 2001:470:ded5:88::11 ;
931. };
932. auto-dnssec maintain;
933. inline-signing yes;
934. key-directory "/var/cache/bind";
935. };
936. zone "211.168.192.in-addr.arpa" {
937. type master;
938. file "/etc/bind/master/db.192.168.255";
939. update-policy {
940. grant "rndc-key" tcp-self "ANY" ;
941. };
942. allow-transfer {
943. "locals";
944. "bgp-vpn";
945. key "transfer-key";
946. };
947. also-notify {
948. 2001:470:ded5:88::11 ;
949. };
950. auto-dnssec maintain;
951. inline-signing yes;
952. key-directory "/var/cache/bind";
953. };
954. zone "1.1.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
955. type master;
956. file "/etc/bind/master/db.2001.470.dd5b.fe.1";
957. update-policy {
958. grant "rndc-key" tcp-self "ANY" ;
959. };
960. allow-transfer {
961. "locals";
962. "bgp-vpn";
963. key "transfer-key";
964. };
965. also-notify {
966. 2001:470:ded5:88::11 ;
967. };
968. auto-dnssec maintain;
969. inline-signing yes;
970. key-directory "/var/cache/bind";
971. };
972. zone "guest.semarkit.net" {
973. type master;
974. file "/etc/bind/master/guest.semarkit.net";
975. update-policy {
976. grant "rndc-key" name "ANY" ;
977. };
978. allow-transfer {
979. "locals";
980. "bgp-vpn";
981. key "transfer-key";
982. };
983. also-notify {
984. };
985. auto-dnssec maintain;
986. inline-signing yes;
987. key-directory "/var/cache/bind";
988. };
989. zone "230.168.192.in-addr.arpa" {
990. type master;
991. file "/etc/bind/master/db.192.168.230";
992. update-policy {
993. grant "rndc-key" tcp-self "ANY" ;
994. };
995. allow-transfer {
996. "locals";
997. "bgp-vpn";
998. key "transfer-key";
999. };
1000. also-notify {
1001. };
1002. auto-dnssec maintain;
1003. inline-signing yes;
1004. key-directory "/var/cache/bind";
1005. };
1006. zone "0.3.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
1007. type master;
1008. file "/etc/bind/master/db.2001.470.dd5b.fd";
1009. update-policy {
1010. grant "rndc-key" tcp-self "ANY" ;
1011. };
1012. allow-transfer {
1013. "locals";
1014. "bgp-vpn";
1015. key "transfer-key";
1016. };
1017. also-notify {
1018. };
1019. auto-dnssec maintain;
1020. inline-signing yes;
1021. key-directory "/var/cache/bind";
1022. };
1023. zone "test.semarkit.net" {
1024. type master;
1025. file "/etc/bind/master/test.semarkit.net";
1026. update-policy {
1027. grant "rndc-key" name "ANY" ;
1028. };
1029. allow-transfer {
1030. "locals";
1031. "bgp-vpn";
1032. key "transfer-key";
1033. };
1034. also-notify {
1035. };
1036. auto-dnssec maintain;
1037. inline-signing yes;
1038. key-directory "/var/cache/bind";
1039. };
1040. zone "240.168.192.in-addr.arpa" {
1041. type master;
1042. file "/etc/bind/master/db.192.168.240";
1043. update-policy {
1044. grant "rndc-key" tcp-self "ANY" ;
1045. };
1046. allow-transfer {
1047. "locals";
1048. "bgp-vpn";
1049. key "transfer-key";
1050. };
1051. also-notify {
1052. };
1053. auto-dnssec maintain;
1054. inline-signing yes;
1055. key-directory "/var/cache/bind";
1056. };
1057. zone "0.4.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
1058. type master;
1059. file "/etc/bind/master/db.2001.16d8.ddde.40";
1060. update-policy {
1061. grant "rndc-key" tcp-self "ANY" ;
1062. };
1063. allow-transfer {
1064. "locals";
1065. "bgp-vpn";
1066. key "transfer-key";
1067. };
1068. also-notify {
1069. };
1070. auto-dnssec maintain;
1071. inline-signing yes;
1072. key-directory "/var/cache/bind";
1073. };
1074. zone "semarkit.dk" {
1075. type master;
1076. file "/etc/bind/master/semarkit.org";
1077. allow-transfer {
1078. "locals";
1079. "bgp-vpn";
1080. key "transfer-key";
1081. };
1082. };
1083. zone "semarkit.eu" {
1084. type master;
1085. file "/etc/bind/master/semarkit.org";
1086. allow-transfer {
1087. "locals";
1088. "bgp-vpn";
1089. key "transfer-key";
1090. };
1091. };
1092. zone "semarkit.org" {
1093. type master;
1094. file "/etc/bind/master/semarkit.org";
1095. allow-transfer {
1096. "locals";
1097. "bgp-vpn";
1098. key "transfer-key";
1099. };
1100. };
1101. zone "semark.dk" {
1102. type slave;
1103. file "/etc/bind/slave/semark.dk";
1104. masters {
1105. 2001:470:ded5:88::11 ;
1106. };
1107. };
1108. zone "static.semark.dk" {
1109. type slave;
1110. file "/etc/bind/slave/static.semark.dk";
1111. masters {
1112. 2001:470:ded5:88::11 ;
1113. };
1114. };
1115. zone "dyn.semark.dk" {
1116. type slave;
1117. file "/etc/bind/slave/dyn.semark.dk";
1118. masters {
1119. 2001:470:ded5:88::11 ;
1120. };
1121. };
1122. zone "1.168.192.in-addr.arpa" {
1123. type slave;
1124. file "/etc/bind/slave/192.168.1";
1125. masters {
1126. 2001:470:ded5:88::11 ;
1127. };
1128. };
1129. zone "0.168.192.in-addr.arpa" {
1130. type slave;
1131. file "/etc/bind/slave/192.168.0";
1132. masters {
1133. 2001:470:ded5:88::11 ;
1134. };
1135. };
1136. zone "0.0.0.0.8.8.0.0.5.d.e.d.0.7.4.0.1.0.0.2.ip6.arpa" {
1137. type slave;
1138. file "/etc/bind/slave/2001:470:ded5:88";
1139. masters {
1140. 2001:470:ded5:88::11 ;
1141. };
1142. };
1143. zone "1.0.0.0.8.8.0.0.5.d.e.d.0.7.4.0.1.0.0.2.ip6.arpa" {
1144. type slave;
1145. file "/etc/bind/slave/2001.470.ded5.88.0";
1146. masters {
1147. 2001:470:ded5:88::11 ;
1148. };
1149. };
1150. zone "." {
1151. type hint;
1152. file "/etc/bind/db.root";
1153. };
1154. zone "localhost" {
1155. type master;
1156. file "/etc/bind/db.local";
1157. };
1158. zone "127.in-addr.arpa" {
1159. type master;
1160. file "/etc/bind/db.127";
1161. };
1162. zone "0.in-addr.arpa" {
1163. type master;
1164. file "/etc/bind/db.0";
1165. };
1166. zone "255.in-addr.arpa" {
1167. type master;
1168. file "/etc/bind/db.255";
1169. };
1170. managed-keys {
1171. "dlv.isc.org." initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2
1172. brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+
1173. 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5
1174. ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk
1175. Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM
1176. QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt
1177. TDN0YUuWrBNh";
1178. "." initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF
1179. FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX
1180. bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD
1181. X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz
1182. W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS
1183. Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq
1184. QxA+Uk1ihz0=";
1185. };
1186.  
1187.  
1188. # lsof -nPi | grep -iF named
1189. named 5766 bind 21u IPv6 44904334 0t0 TCP *:53 (LISTEN)
1190. named 5766 bind 22u IPv4 44904338 0t0 TCP 127.0.0.1:53 (LISTEN)
1191. named 5766 bind 23u IPv4 44904340 0t0 TCP 192.168.210.5:53 (LISTEN)
1192. named 5766 bind 24u IPv4 44904342 0t0 TCP 192.168.220.5:53 (LISTEN)
1193. named 5766 bind 25u IPv4 44904344 0t0 TCP 192.168.230.5:53 (LISTEN)
1194. named 5766 bind 26u IPv4 44904346 0t0 TCP 192.168.240.5:53 (LISTEN)
1195. named 5766 bind 27u IPv4 44904349 0t0 TCP 127.0.0.1:953 (LISTEN)
1196. named 5766 bind 28u IPv6 44904350 0t0 TCP [::1]:953 (LISTEN)
1197. named 5766 bind 512u IPv6 44904333 0t0 UDP *:53
1198. named 5766 bind 513u IPv6 44904333 0t0 UDP *:53
1199. named 5766 bind 514u IPv4 44904337 0t0 UDP 127.0.0.1:53
1200. named 5766 bind 515u IPv4 44904337 0t0 UDP 127.0.0.1:53
1201. named 5766 bind 516u IPv4 44904339 0t0 UDP 192.168.210.5:53
1202. named 5766 bind 517u IPv4 44904339 0t0 UDP 192.168.210.5:53
1203. named 5766 bind 518u IPv4 44904341 0t0 UDP 192.168.220.5:53
1204. named 5766 bind 519u IPv4 44904341 0t0 UDP 192.168.220.5:53
1205. named 5766 bind 520u IPv4 44904343 0t0 UDP 192.168.230.5:53
1206. named 5766 bind 521u IPv4 44904343 0t0 UDP 192.168.230.5:53
1207. named 5766 bind 522u IPv4 44904345 0t0 UDP 192.168.240.5:53
1208. named 5766 bind 523u IPv4 44904345 0t0 UDP 192.168.240.5:53
1209. named 5766 bind 524u IPv6 44904352 0t0 UDP [2001:16d8:ddde:10::5]:49082->[2001:4860:4860::8844]:53
1210. named 5766 bind 525u IPv6 44904353 0t0 UDP [2001:16d8:ddde:10::5]:48415->[2001:4860:4860::8844]:53
1211. named 5766 bind 526u IPv6 44904354 0t0 UDP [2001:16d8:ddde:10::5]:47717->[2001:4860:4860::8844]:53
1212.  
1213.  
1214. # iptables -vnL --lin
1215. Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
1216. num pkts bytes target prot opt in out source destination
1217. 1 12M 992M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
1218.  
1219. Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
1220. num pkts bytes target prot opt in out source destination
1221. 1 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
1222.  
1223. Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
1224. num pkts bytes target prot opt in out source destination
1225. 1 5977K 53G ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0