Differences

This shows you the differences between two versions of the page.

linux:bind [2007/05/27 12:15]
a
linux:bind [2011/08/01 13:31]
193.164.137.40 [audit dns]
Line 1: Line 1:
 ====== BIND (is there anyting else?) ====== ====== BIND (is there anyting else?) ======
 +==== DNSSEC ====
  
-**Speedup tips**+ 
 +To enable add to bind.named.options:\\ 
 + 
 +dnssec-enable yes;\\ 
 +dnssec-validation yes;\\ 
 +dnssec-lookaside . trust-anchor dlv.isc.org.;\\ 
 + 
 + 
 +include "/etc/bind/trusted.key"; 
 + 
 +https://www.dns-oarc.net/files/odvr/configs/bind/trusted-keys.conf\\ 
 +\\ 
 +logging {\\ 
 +...\\ 
 +        category dnssec { null;};};\\ 
 + 
 +==== Speedup tips ====
  
   > I have built a local DNS server bind (Debian Sarge).The DNS should   > I have built a local DNS server bind (Debian Sarge).The DNS should
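Review bot: The logging lines at the end of the new DNSSEC section set `category dnssec { null;};`, which discards every DNSSEC message, so with `dnssec-validation yes;` enabled a few lines above, validation failures leave no record to investigate. Suggest routing the category to a dedicated file channel instead of null. The section also names the options file as bind.named.options and includes "/etc/bind/trusted.key", while the linked file is called trusted-keys.conf; give the real file path and say how the downloaded keys are checked before they are trusted.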
Line 11: Line 28:
   in /etc/defaults/bind9), and you need to wait a bit until the local   in /etc/defaults/bind9), and you need to wait a bit until the local
   cache has been filled.   cache has been filled.
 +
 +==== Letting bind/named query a specific DNS server for only one specific domain ====
 +
 +Add to the file **''/etc/bind/named.conf.local''**:
 +
 +<code>
 +zone "mydomain.com" {
 + type forward;
 + forward only;
 + forwarders { 192.168.0.2; 192.168.0.6; };
 +};
 +</code>
 +
 +Of course you need to replace 'mydomain.com' as well as the 2 ip addresses in the 'forwarders'-line.
 +
 +
 +==== Unsorted ====
 +
 +
 +host -t txt -c CHAOS version.bind localhost
 +
 +named - options {version "DNS daemon";};
 +
 +host -t txt -c CHAOS hostname.bind localhost
 +
 +gethostbyname()
 +
 +
 +==== audit dns ====
 +<code>
 +kernel: audit(1209076817.081:16): type=1503 operation="inode_create" requested_mask="w::" denied_mask="w::" name="/etc/bind/xxxxx.com.hosts.jnl" pid=16561 profile="/usr/sbin/named" namespace="default"
 +</code>
 +
 +So I had a look in:
 +''/etc/apparmor.d/usr.sbin.named''
 +
 +and changed this line:
 +<code>
 +/etc/bind/** r,
 +</code>
 +
 +to this:
 +<code>
 +/etc/bind/** rw,
 +</code>
 +
 +==== Fixing syntax highlighting in VIM ====
 +
 +**~/.vimrc**
 +<code>
 +" BIND zone
 +au BufNewFile,BufRead */named/db.*,*/bind/master/*,*/bind/slave/*,*/bind/arpa/* call s:StarSetf('bindzone')
 +" BIND configuration
 +au BufNewFile,BufRead named.conf,rndc.conf,arpa.conf,named*,master.conf,slave.conf      setf named
 +</code>
 +
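Review bot: In the "audit dns" section, changing `/etc/bind/** r,` to `/etc/bind/** rw,` gives named write access to everything under /etc/bind, although the denial shown is only for creating a journal file (name="/etc/bind/xxxxx.com.hosts.jnl"). Suggest keeping the directory read-only and adding a rule scoped to the journal files, for example `/etc/bind/*.jnl rw,`, so the daemon cannot rewrite its own configuration or key files. The section would also benefit from one sentence saying what triggered the denial, and the "Unsorted" entries (the version.bind and hostname.bind queries and the `version "DNS daemon";` option) need a line explaining that the option changes what the version.bind query returns.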
linux/bind.txt · Last modified: 2015/08/12 14:46 by zagi
CC Attribution-Share Alike 4.0 International