

BIND (is there anything else?)

DNSSEC

To enable, add to bind.named.options:

dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside . trust-anchor dlv.isc.org.;

include "/etc/bind/trusted.key";

https://www.dns-oarc.net/files/odvr/configs/bind/trusted-keys.conf

logging {
      category dnssec { null; };
};

Speedup tips

> I have built a local DNS server bind (Debian Sarge). The DNS should
> accelerate DNS look ups by LAN clients.
> But now, on the contrary, the local DNS is slower than a custom DNS by my
> webhoster :-(

You should use BIND 9, disable lookups over IPv6 (OPTIONS="-u bind -4"
in /etc/defaults/bind9), and you need to wait a bit until the local
cache has been filled.

Letting bind/named query a specific DNS server for only one specific domain

Add to the file /etc/bind/named.conf.local:

zone "mydomain.com" {
	type forward;
	forward only;
	forwarders { 192.168.0.2; 192.168.0.6; };
};

Of course you need to replace 'mydomain.com' as well as the two IP addresses in the 'forwarders' line.

Unsorted

host -t txt -c CHAOS version.bind localhost

named - options { version "DNS daemon"; };

host -t txt -c CHAOS hostname.bind localhost

gethostbyname()

audit dns

kernel: audit(1209076817.081:16): type=1503 operation="inode_create" requested_mask="w::" denied_mask="w::" name="/etc/bind/xxxxx.com.hosts.jnl" pid=16561 profile="/usr/sbin/named" namespace="default"

So I had a look in:
/etc/apparmor.d/usr.sbin.named

and changed this line:
/etc/bind/** r,

to this:
/etc/bind/** rw,
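
An added example (not part of the original notes): a small Python parser for denial lines in the format shown above. It groups denials by profile and path and prints exact-path candidate rules to review, which is narrower than opening a whole directory. The sample log is constructed from the page's line plus one made-up entry, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample: the page's denial (twice), one made-up denial, one noise line.
SAMPLE_LOG = '''\
kernel: audit(1209076817.081:16): type=1503 operation="inode_create" requested_mask="w::" denied_mask="w::" name="/etc/bind/xxxxx.com.hosts.jnl" pid=16561 profile="/usr/sbin/named" namespace="default"
kernel: audit(1209076900.500:17): type=1503 operation="inode_create" requested_mask="w::" denied_mask="w::" name="/etc/bind/xxxxx.com.hosts.jnl" pid=16561 profile="/usr/sbin/named" namespace="default"
kernel: audit(1209077000.000:18): type=1503 operation="inode_create" requested_mask="w::" denied_mask="w::" name="/var/log/named/query.log" pid=16561 profile="/usr/sbin/named" namespace="default"
kernel: eth0: link up
'''

AUDIT_RE = re.compile(r'audit\(\d+\.\d+:\d+\):\s+(.*)')
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')  # key="quoted" or key=bare


def parse_denial(line):
    """Return the key/value fields of an AppArmor denial line, else None."""
    m = AUDIT_RE.search(line)
    if not m:
        return None
    fields = {k: (q if q else b) for k, q, b in FIELD_RE.findall(m.group(1))}
    if not {"denied_mask", "profile", "name"} <= fields.keys():
        return None
    return fields


def summarize(log_text):
    """Map (profile, path) -> {'mask': set of permission letters, 'count': n}."""
    out = defaultdict(lambda: {"mask": set(), "count": 0})
    for line in log_text.splitlines():
        d = parse_denial(line)
        if d:
            entry = out[(d["profile"], d["name"])]
            entry["mask"].update(d["denied_mask"].replace(":", ""))
            entry["count"] += 1
    return dict(out)


def candidate_rules(summary, profile):
    """Exact-path rules for one profile; review each before adding it."""
    return sorted(f"{path} {''.join(sorted(e['mask']))},"
                  for (prof, path), e in summary.items() if prof == profile)


if __name__ == "__main__":
    s = summarize(SAMPLE_LOG)
    for (prof, path), e in sorted(s.items()):
        print(f"{prof}: {path} denied={''.join(sorted(e['mask']))} x{e['count']}")
    print("\n".join(candidate_rules(s, "/usr/sbin/named")))
```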

linux/bind.1280935798.txt.gz · Last modified: 2010/08/04 17:29 by greebo