BIND (is there anything else?)
DNSSEC
To enable, add to bind.named.options:
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside . trust-anchor dlv.isc.org.;
include "/etc/bind/trusted.key";
https://www.dns-oarc.net/files/odvr/configs/bind/trusted-keys.conf
logging {
…
category dnssec { null; }; };
Speedup tips
> I have built a local DNS server bind (Debian Sarge). The DNS should
> accelerate DNS look ups by LAN clients.
> But Now, in contrary the local dns is slower than a custom DNS by my
> webhoster :-(

You should use BIND 9, disable lookups over IPv6 (OPTIONS="-u bind -4" in /etc/defaults/bind9), and you need to wait a bit until the local cache has been filled.
Letting bind/named query a specific DNS server for only one specific domain
Add to the file /etc/bind/named.conf.local:
zone "mydomain.com" {
    type forward;
    forward only;
    forwarders { 192.168.0.2; 192.168.0.6; };
};
Of course, you need to replace 'mydomain.com' as well as the two IP addresses in the 'forwarders' line.
Unsorted
host -t txt -c CHAOS version.bind localhost
named - options { version "DNS daemon"; };
host -t txt -c CHAOS hostname.bind localhost
gethostbyname()
audit dns
kernel: audit(1209076817.081:16): type=1503 operation="inode_create" requested_mask="w::" denied_mask="w::" name="/etc/bind/xxxxx.com.hosts.jnl" pid=16561 profile="/usr/sbin/named" namespace="default"
So I had a look in:
/etc/apparmor.d/usr.sbin.named
and changed this line:
/etc/bind/** r,
to this:
/etc/bind/** rw,
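The `/etc/bind/** rw,` rule makes every file under /etc/bind writable by named, including named.conf itself. As an added example (not part of the original page), this Python sketch parses AppArmor denials like the one logged above, proposes per-file rules limited to the denied permission, and checks which rules would make a given path writable. The second log line and all function names are constructed for illustration, and only the `*` and `**` globs are handled.

```python
import re
from collections import defaultdict

# Constructed sample input: line 1 is the denial quoted on this page,
# line 2 is a made-up second denial for illustration.
SAMPLE_LOG = """\
kernel: audit(1209076817.081:16): type=1503 operation="inode_create" requested_mask="w::" denied_mask="w::" name="/etc/bind/xxxxx.com.hosts.jnl" pid=16561 profile="/usr/sbin/named" namespace="default"
kernel: audit(1209076901.114:17): type=1503 operation="inode_create" requested_mask="w::" denied_mask="w::" name="/etc/bind/example.org.hosts.jnl" pid=16561 profile="/usr/sbin/named" namespace="default"
"""

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_denial(line):
    """Return the key=value fields of one denial line as a dict, or None."""
    if "denied_mask=" not in line:
        return None
    return {key: (quoted or bare) for key, quoted, bare in FIELD.findall(line)}

def suggest_rules(log_text):
    """Map profile -> per-file rules covering only what was actually denied."""
    perms = defaultdict(set)  # (profile, path) -> permission letters
    for line in log_text.splitlines():
        f = parse_denial(line)
        if f and "name" in f and "profile" in f:
            # Masks in this log format look like "w::"; keep only the letters.
            perms[(f["profile"], f["name"])] |= set(re.sub(r"[^a-z]", "", f["denied_mask"]))
    rules = defaultdict(list)
    for (profile, path), letters in sorted(perms.items()):
        rules[profile].append(f"{path} {''.join(sorted(letters))},")
    return dict(rules)

def rule_allows_write(rule, path):
    """True if an AppArmor file rule grants write access to path."""
    pattern, perms = rule.rstrip(",").rsplit(None, 1)
    # AppArmor globs: '**' crosses directory separators, '*' does not.
    rx = "".join(".*" if t == "**" else "[^/]*" if t == "*" else re.escape(t)
                 for t in re.split(r"(\*\*|\*)", pattern))
    return "w" in perms and re.fullmatch(rx, path) is not None

if __name__ == "__main__":
    for profile, rules in suggest_rules(SAMPLE_LOG).items():
        print(profile)
        for rule in rules:
            print("  " + rule)
    # The broad rule from this page also exposes the daemon's own config:
    print(rule_allows_write("/etc/bind/** rw,", "/etc/bind/named.conf"))
```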
Fixing syntax highlighting in VIM
~/.vimrc
" BIND zone
" (setf is used here because s:StarSetf is script-local to Vim's filetype.vim and is not callable from ~/.vimrc)
au BufNewFile,BufRead */named/db.*,*/bind/master/*,*/bind/slave/*,*/bind/arpa/* setf bindzone
" BIND configuration
au BufNewFile,BufRead named.conf,rndc.conf,arpa.conf,named*,master.conf,slave.conf setf named