Hotfix release available: 2025-05-14b "Librarian".
upgrade now! [56.2] (what's this?)
Hotfix release available: 2025-05-14a "Librarian".
upgrade now! [56.1] (what's this?)
New release available: 2025-05-14 "Librarian".
upgrade now! [56] (what's this?)
Hotfix release available: 2024-02-06b "Kaos".
upgrade now! [55.2] (what's this?)
Hotfix release available: 2024-02-06a "Kaos".
upgrade now! [55.1] (what's this?)
New release available: 2024-02-06 "Kaos".
upgrade now! [55] (what's this?)
Hotfix release available: 2023-04-04b "Jack Jackrum".
upgrade now! [54.2] (what's this?)
Hotfix release available: 2023-04-04a "Jack Jackrum".
upgrade now! [54.1] (what's this?)
New release available: 2023-04-04 "Jack Jackrum".
upgrade now! [54] (what's this?)
Hotfix release available: 2022-07-31b "Igor".
upgrade now! [53.1] (what's this?)
Hotfix release available: 2022-07-31a "Igor".
upgrade now! [53] (what's this?)
New release available: 2022-07-31 "Igor".
upgrade now! [52.2] (what's this?)
New release candidate 2 available: rc2022-06-26 "Igor".
upgrade now! [52.1] (what's this?)
New release candidate available: 2022-06-26 "Igor".
upgrade now! [52] (what's this?)
Hotfix release available: 2020-07-29a "Hogfather".
upgrade now! [51.4] (what's this?)
New release available: 2020-07-29 "Hogfather".
upgrade now! [51.3] (what's this?)
New release candidate 3 available: 2020-06-09 "Hogfather".
upgrade now! [51.2] (what's this?)
New release candidate 2 available: 2020-06-01 "Hogfather".
upgrade now! [51.1] (what's this?)
New release candidate available: 2020-06-01 "Hogfather".
upgrade now! [51] (what's this?)
Hotfix release available: 2018-04-22c "Greebo".
upgrade now! [50.3] (what's this?)
Hotfix release available: 2018-04-22b "Greebo".
upgrade now! [50.2] (what's this?)
Hotfix release available: 2018-04-22a "Greebo".
upgrade now! [50.1] (what's this?)
New release available: 2018-04-22 "Greebo".
upgrade now! [50] (what's this?)
Hotfix release available: 2017-02-19g "Frusterick Manners".
upgrade now! [49.7] (what's this?)
Hotfix release available: 2017-02-19f "Frusterick Manners".
upgrade now! [49.6] (what's this?)
dns
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
dns [2015/01/02 18:00] 76.6.119.33 created |
dns [2017/03/05 13:15] (current) |
||
|---|---|---|---|
| Line 21: | Line 21: | ||
| ====Conduct Initial configuration of the Guest==== | ====Conduct Initial configuration of the Guest==== | ||
| - | [[Debian Initial Config]] TODO: UPDATE (sudo, vim, tcpdump, dns-utils) (ssh configuration) | + | [[Debian Initial Config]] |
| If a second VIF was added, edit /etc/network/interfaces to apply correctly and bring up the second interface. | If a second VIF was added, edit /etc/network/interfaces to apply correctly and bring up the second interface. | ||
| Line 30: | Line 30: | ||
| apt-get install bind9 | apt-get install bind9 | ||
| </code> | </code> | ||
| + | |||
| + | The below file is for the external dns server. Update for the internal. | ||
| + | <file txt named.conf (external)> | ||
| + | |||
| + | // Maintained by: shareef12 admin@twelvetacos.com | ||
| + | // Last known public ip: 10.1.1.0 | ||
| + | |||
| + | acl self { 10.1.1.0; 127.0.0.1; }; | ||
| + | acl dmz {}; | ||
| + | acl internal_dns { 10.24.24.1; }; | ||
| + | acl evil {}; | ||
| + | |||
| + | controls {}; | ||
| + | |||
| + | options { | ||
| + | hostname none; | ||
| + | version "burninator 5.0"; | ||
| + | listen-on port 53 { self; }; | ||
| + | directory "/var/named"; | ||
| + | dump-file "/var/named/data/cache_dump.db"; | ||
| + | statistics-file "/var/named/data/named_stats.txt"; | ||
| + | memstatistics-file "/var/named/data/named_mem_stats.txt"; | ||
| + | recursion yes; | ||
| + | allow-recursion { self; internal_dns; dmz; }; | ||
| + | allow-query-cache { self, internal_dns; dmz; }; | ||
| + | | ||
| + | allow-update { none; }; | ||
| + | allow-transfer { none; }; | ||
| + | blackhole { evil; }; | ||
| + | | ||
| + | minimal-responses yes; | ||
| + | querylog yes | ||
| + | notify no; | ||
| + | |||
| + | //TODO: Configure DNSSEC | ||
| + | }; | ||
| + | |||
| + | // log to /var/log/named/example.log all events from | ||
| + | // info UP in severity (no debug) | ||
| + | // defaults to use 3 files in rotation | ||
| + | // failure messages up to this point are in (syslog) | ||
| + | // typically /var/log/messages | ||
| + | // | ||
| + | logging { | ||
| + | channel dns_log { | ||
| + | file "/var/log/named/example.log" versions 3 size 2m; | ||
| + | severity info; | ||
| + | print-severity yes; | ||
| + | print-time yes; | ||
| + | print-category yes; | ||
| + | }; | ||
| + | category default { | ||
| + | example_log; | ||
| + | }; | ||
| + | }; | ||
| + | |||
| + | // required zone for recursive queries | ||
| + | zone "." { | ||
| + | type hint; | ||
| + | file "root.servers"; | ||
| + | }; | ||
| + | |||
| + | zone "twelvetacos.com" in { | ||
| + | type master; | ||
| + | file "twelvetacos.com"; | ||
| + | }; | ||
| + | |||
| + | zone "localhost" in { | ||
| + | type master; | ||
| + | file "localhost"; | ||
| + | }; | ||
| + | |||
| + | zone "0.0.127.in-addr.arpa" in { | ||
| + | type master; | ||
| + | file "localhost.rev"; | ||
| + | }; | ||
| + | </file> | ||
| + | |||
| + | |||
| + | <file txt twelvetacos.com (external)> | ||
| + | $TTL 2d | ||
| + | $ORIGIN twelvetacos.com. | ||
| + | @ IN SOA ns1.twelvetacos.com. admin.twelvetacos.com. ( | ||
| + | 2015010800 ; se = serial number | ||
| + | 12h ; ref = refresh | ||
| + | 15m ; ret = update retry | ||
| + | 3w ; ex = expiry | ||
| + | 3h ; min = minimum | ||
| + | ) | ||
| + | IN NS ns1.twelvetacos.com. | ||
| + | IN MX 10 smtp.twelvetacos.com. | ||
| + | |||
| + | IN A 10.1.1.0 | ||
| + | ns1 IN A 10.1.1.0 | ||
| + | smtp IN A 10.1.1.0 | ||
| + | imap IN CNAME smtp | ||
| + | www IN A 10.1.1.0 | ||
| + | linode IN A 173.230.138.199 | ||
| + | |||
| + | IN TXT "v=spf1 a -all" | ||
| + | mail._domainkey IN TXT "v=DKIM1; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSnUNq0hFgLle0zxO2RGj6505UhKs8ASXS1fh5uSEmPkHlsUcw2VK3SqofonHs3CGIEfuSNI/lZyaZbRdXai43zde5+/WbP/2w6zJhEb/sNxBoCMsjoSiHxjGHLzJZ0/IlyAF6QM+U6g9bQwaiho/WS/7gzpzCGPU0zZYpLD+gfwIDAQAB" | ||
| + | </file> | ||
| + | |||
| + | |||
| + | <file txt named.conf (internal)> | ||
| + | |||
| + | // Maintained by: shareef12 admin@twelvetacos.com | ||
| + | |||
| + | acl self { 10.1.1.5; 127.0.0.1; }; | ||
| + | acl dmz {}; | ||
| + | acl internal_dns { 10.24.24.5; }; | ||
| + | acl evil {}; | ||
| + | |||
| + | controls {}; | ||
| + | |||
| + | options { | ||
| + | hostname none; | ||
| + | version "burninator 5.0"; | ||
| + | listen-on port 53 { self; }; | ||
| + | directory "/var/named"; | ||
| + | dump-file "/var/named/data/cache_dump.db"; | ||
| + | statistics-file "/var/named/data/named_stats.txt"; | ||
| + | memstatistics-file "/var/named/data/named_mem_stats.txt"; | ||
| + | recursion yes; | ||
| + | allow-recursion { self; internal_dns; dmz; }; | ||
| + | allow-query-cache { self, internal_dns; dmz; }; | ||
| + | | ||
| + | allow-update { none; }; | ||
| + | allow-transfer { none; }; | ||
| + | blackhole { evil; }; | ||
| + | | ||
| + | minimal-responses yes; | ||
| + | querylog yes | ||
| + | notify no; | ||
| + | |||
| + | //TODO: Configure DNSSEC | ||
| + | }; | ||
| + | |||
| + | // log to /var/log/named/example.log all events from | ||
| + | // info UP in severity (no debug) | ||
| + | // defaults to use 3 files in rotation | ||
| + | // failure messages up to this point are in (syslog) | ||
| + | // typically /var/log/messages | ||
| + | // | ||
| + | logging { | ||
| + | channel dns_log { | ||
| + | file "/var/log/named/example.log" versions 3 size 2m; | ||
| + | severity info; | ||
| + | print-severity yes; | ||
| + | print-time yes; | ||
| + | print-category yes; | ||
| + | }; | ||
| + | category default { | ||
| + | example_log; | ||
| + | }; | ||
| + | }; | ||
| + | |||
| + | // required zone for recursive queries | ||
| + | zone "." { | ||
| + | type hint; | ||
| + | file "root.servers"; | ||
| + | }; | ||
| + | |||
| + | zone "twelvetacos.com" in { | ||
| + | type master; | ||
| + | file "twelvetacos.com"; | ||
| + | }; | ||
| + | |||
| + | zone "localhost" in { | ||
| + | type master; | ||
| + | file "localhost"; | ||
| + | }; | ||
| + | |||
| + | zone "0.0.127.in-addr.arpa" in { | ||
| + | type master; | ||
| + | file "localhost.rev"; | ||
| + | }; | ||
| + | </file> | ||
| + | |||
| + | |||
| + | <file txt twelvetacos.com (internal)> | ||
| + | $TTL 2d | ||
| + | $ORIGIN twelvetacos.com. | ||
| + | @ IN SOA ns1.twelvetacos.com. admin.twelvetacos.com. ( | ||
| + | 2015010800 ; se = serial number | ||
| + | 12h ; ref = refresh | ||
| + | 15m ; ret = update retry | ||
| + | 3w ; ex = expiry | ||
| + | 3h ; min = minimum | ||
| + | ) | ||
| + | IN NS ns1.twelvetacos.com. | ||
| + | IN MX 10 smtp.twelvetacos.com. | ||
| + | |||
| + | IN A 10.1.1.32 | ||
| + | ns1 IN A 10.1.1.1 | ||
| + | smtp IN A 10.1.1.16 | ||
| + | imap IN CNAME smtp | ||
| + | www IN A 10.1.1.32 | ||
| + | linode IN A 173.230.138.199 | ||
| + | |||
| + | IN TXT "v=spf1 a -all" | ||
| + | mail._domainkey IN TXT "v=DKIM1; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSnUNq0hFgLle0zxO2RGj6505UhKs8ASXS1fh5uSEmPkHlsUcw2VK3SqofonHs3CGIEfuSNI/lZyaZbRdXai43zde5+/WbP/2w6zJhEb/sNxBoCMsjoSiHxjGHLzJZ0/IlyAF6QM+U6g9bQwaiho/WS/7gzpzCGPU0zZYpLD+gfwIDAQAB" | ||
| + | </file> | ||
| + | |||
| + | |||
| + | <file txt update.sh> | ||
| + | new_ip=$(wget -qO - linode.twelvetacos.com/ip.php) | ||
| + | old_ip=$(sed -n -e '/Last known public ip:/{s/.*: //p}' /etc/named.conf) | ||
| + | |||
| + | if [ "$old_ip" != "$new_ip" ] | ||
| + | then | ||
| + | sed -i "s/$old_ip/$new_ip/" /etc/named.conf | ||
| + | fi | ||
| + | </file> | ||
dns.1420239655.txt.gz ยท Last modified: 2017/03/05 13:15 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
