Differences

This shows you the differences between two versions of the page.

--- dns [2015/01/08 23:35]
23.24.122.93 [Install bind]
+++ dns [2017/03/05 13:15] (current)
@@ Line 21: / Line 21: @@
 ====Conduct Initial configuration of the Guest====
-[[Debian Initial Config]] TODO: UPDATE (sudo, vim, tcpdump, dns-utils) (ssh configuration)
+[[Debian Initial Config]]
 If a second VIF was added, edit /etc/network/interfaces to apply correctly and bring up the second interface.
@@ Line 31: / Line 31: @@
 </code>
-<file txt named.conf>
+The below file is for the external dns server. Update for the internal.
+<file txt named.conf (external)>
+// Maintained by: shareef12 admin@twelvetacos.com
+// Last known public ip: 10.1.1.0
+acl self { 10.1.1.0; 127.0.0.1; };
+acl dmz {};
+acl internal_dns { 10.24.24.1; };
+acl evil {};
+controls {};
+options {
+    hostname none;
+    version "burninator 5.0";
+    listen-on port 53 { self; };
+    directory "/var/named";
+    dump-file "/var/named/data/cache_dump.db";
+        statistics-file "/var/named/data/named_stats.txt";
+        memstatistics-file "/var/named/data/named_mem_stats.txt";
+    recursion yes;
+    allow-recursion { self; internal_dns; dmz; };
+    allow-query-cache { self, internal_dns; dmz; };
+    allow-update { none; };
+    allow-transfer { none; };
+    blackhole { evil; };
+    minimal-responses yes;
+    querylog yes
+    notify no;
+    //TODO: Configure DNSSEC
+};
+// log to /var/log/named/example.log all events from
+// info UP in severity (no debug)
+// defaults to use 3 files in rotation
+// failure messages up to this point are in (syslog)
+// typically /var/log/messages
+//
+logging {
+    channel dns_log {
+        file "/var/log/named/example.log" versions 3 size 2m;
+        severity info;
+        print-severity yes;
+        print-time yes;
+        print-category yes;
+    };
+    category default {
+        example_log;
+    };
+};
+// required zone for recursive queries
+zone "." {
+    type hint;
+    file "root.servers";
+};
+zone "twelvetacos.com" in {
+    type master;
+    file "twelvetacos.com";
+};
+zone "localhost" in {
+    type master;
+    file "localhost";
+};
+zone "0.0.127.in-addr.arpa" in {
+    type master;
+    file "localhost.rev";
+};
+</file>
+<file txt twelvetacos.com (external)>
+$TTL 2d
+$ORIGIN twelvetacos.com.
+@             IN      SOA   ns1.twelvetacos.com. admin.twelvetacos.com. (
+                        2015010800 ; se = serial number
+h        ; ref = refresh
+m        ; ret = update retry
+w         ; ex = expiry
+h         ; min = minimum
+                        )
+              IN      NS      ns1.twelvetacos.com.
+              IN      MX  10  smtp.twelvetacos.com.
+              IN      A       10.1.1.0
+ns1           IN      A       10.1.1.0
+smtp          IN      A       10.1.1.0
+imap          IN      CNAME   smtp
+www           IN      A       10.1.1.0
+linode        IN      A       173.230.138.199
+              IN      TXT     "v=spf1 a -all"
+mail._domainkey IN    TXT     "v=DKIM1; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSnUNq0hFgLle0zxO2RGj6505UhKs8ASXS1fh5uSEmPkHlsUcw2VK3SqofonHs3CGIEfuSNI/lZyaZbRdXai43zde5+/WbP/2w6zJhEb/sNxBoCMsjoSiHxjGHLzJZ0/IlyAF6QM+U6g9bQwaiho/WS/7gzpzCGPU0zZYpLD+gfwIDAQAB"
+</file>
+<file txt named.conf (internal)>
 // Maintained by: shareef12 admin@twelvetacos.com
@@ Line 47: / Line 150: @@
     listen-on port 53 { self; };
     directory "/var/named";
-    dump-file 	"/var/named/data/cache_dump.db";
+    dump-file "/var/named/data/cache_dump.db";
         statistics-file "/var/named/data/named_stats.txt";
         memstatistics-file "/var/named/data/named_mem_stats.txt";
@@ Line 98: / Line 201: @@
     type master;
     file "localhost";
-    allow-update{none;};
 };
@@ Line 104: / Line 206: @@
     type master;
     file "localhost.rev";
-    allow-update{none;};
 };
+</file>
+<file txt twelvetacos.com (internal)>
+$TTL 2d
+$ORIGIN twelvetacos.com.
+@             IN      SOA   ns1.twelvetacos.com. admin.twelvetacos.com. (
+                        2015010800 ; se = serial number
+h        ; ref = refresh
+m        ; ret = update retry
+w         ; ex = expiry
+h         ; min = minimum
+                        )
+              IN      NS      ns1.twelvetacos.com.
+              IN      MX  10  smtp.twelvetacos.com.
+              IN      A       10.1.1.32
+ns1           IN      A       10.1.1.1
+smtp          IN      A       10.1.1.16
+imap          IN      CNAME   smtp
+www           IN      A       10.1.1.32
+linode        IN      A       173.230.138.199
+              IN      TXT     "v=spf1 a -all"
+mail._domainkey IN    TXT     "v=DKIM1; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSnUNq0hFgLle0zxO2RGj6505UhKs8ASXS1fh5uSEmPkHlsUcw2VK3SqofonHs3CGIEfuSNI/lZyaZbRdXai43zde5+/WbP/2w6zJhEb/sNxBoCMsjoSiHxjGHLzJZ0/IlyAF6QM+U6g9bQwaiho/WS/7gzpzCGPU0zZYpLD+gfwIDAQAB"
+</file>
+<file txt update.sh>
+new_ip=$(wget -qO - linode.twelvetacos.com/ip.php)
+old_ip=$(sed -n -e '/Last known public ip:/{s/.*: //p}' /etc/named.conf)
+if [ "$old_ip" != "$new_ip" ]
+then
+    sed -i "s/$old_ip/$new_ip/" /etc/named.conf
+fi
 </file>

DokuWiki

Site Tools

Differences

Page Tools