dns

Installing Bind-chroot on a Debian Wheezy Host

Creating the Host

Using Xen, create the host on the command line as follows.

   # Create a single-vCPU guest named "dns" that boots through pygrub (Xen reads the guest's own boot config).
   xen-create-image --hostname=dns \
   --vcpus=1 \
   --pygrub

If a second interface needs to be added, modify /etc/xen/dns.cfg to look as follows:

   # Two virtual NICs: the first attaches to bridge inetbr0, the second to xenbr0.
   # The MACs use Xen's 00:16:3E prefix; the values here are placeholders — pick unique ones per guest.
   vif    = ['mac=00:16:3E:5A:B6:6D,bridge=inetbr0', 'mac=00:16:3E:5A:B7:6D,bridge=xenbr0' ]

Start the VM and connect to its console to continue the configuration.

   # Boot the guest from its config file, then attach to its serial console.
   # (xm is the legacy toolstack; on newer Xen installs the equivalent commands are xl create / xl console.)
   xm create /etc/xen/dns.cfg
   xm console dns

Conduct Initial configuration of the Guest

Debian Initial Config

If a second VIF was added, edit /etc/network/interfaces to configure it and bring up the second interface.

Install bind

Install the bind service.

   # Debian's BIND 9 package. NOTE(review): installing it does not chroot named by itself;
   # confirm how the chroot referred to in the page title is set up (the configs below use /var/named paths).
   apt-get install bind9

The file below is for the external DNS server; adjust it for the internal server.

named.conf (external)
// Maintained by: shareef12 admin@twelvetacos.com
// Last known public ip: 10.1.1.0
// NOTE: update.sh finds this line by the text "Last known public ip:" and rewrites
// the address throughout this file; keep the wording and the address on one line.

// Addresses this server itself listens on (see listen-on); also granted recursion below.
acl self { 10.1.1.0; 127.0.0.1; };
// Empty here; populate with DMZ hosts that should be allowed to recurse through this server.
acl dmz {};
// The internal resolver that is allowed to recurse through this server.
acl internal_dns { 10.24.24.1; };
// Sources to drop without answering (used by blackhole in options); empty by default.
acl evil {};

// Empty controls statement: no rndc control channel is opened.
controls {};
 
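options {
    // Do not reveal the real hostname or BIND version to remote queries.
    hostname none;
    version "burninator 5.0";
    listen-on port 53 { self; };
    // NOTE(review): these are Red Hat-style paths; Debian's bind9 package defaults to
    // /etc/bind and /var/cache/bind. If a chroot is used, these are relative to it — confirm.
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Recursion stays on but is limited to the ACLs below. allow-query is left at its
    // default (any) so the authoritative zones stay reachable from the Internet.
    recursion yes;
    allow-recursion { self; internal_dns; dmz; };
    // address_match_list elements are separated by ';' — the original used a comma
    // between self and internal_dns, which named-checkconf rejects.
    allow-query-cache { self; internal_dns; dmz; };

    allow-update { none; };
    allow-transfer { none; };
    blackhole { evil; };

    minimal-responses yes;
    querylog yes;  // statement must end with ';' (missing in the original)
    notify no;

    //TODO: Configure DNSSEC
};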
 
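// log to /var/log/named/example.log all events from
// info UP in severity (no debug)
// defaults to use 3 files in rotation
// failure messages up to this point are in (syslog)
// typically /var/log/messages
//
// NOTE(review): with "querylog yes" in options, query logging also lands in the
// default category and therefore in this 3 x 2m rotation — confirm that is enough.
logging {
    channel dns_log {
        file "/var/log/named/example.log" versions 3 size 2m;
        severity info;
        print-severity yes;
        print-time yes;
        print-category yes;
    };
    // Must name the channel defined above; the original referenced "example_log",
    // which is never defined, so named-checkconf fails and nothing is logged.
    category default {
        dns_log;
    };
};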
 
// required zone for recursive queries
zone "." {
    type hint;
    file "root.servers";   // root hints; relative paths resolve against the options "directory"
};

// Primary (authoritative) for the public zone; data in the twelvetacos.com zone file below.
zone "twelvetacos.com" in {
    type master;
    file "twelvetacos.com";
};

// Loopback forward and reverse zones so localhost lookups never leave this host.
zone "localhost" in {
    type master;
    file "localhost";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "localhost.rev";
};
twelvetacos.com (external)
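$TTL 2d
$ORIGIN twelvetacos.com.
; Serial is date-based (YYYYMMDDnn); bump it on every edit or caches keep the old data.
@             IN      SOA   ns1.twelvetacos.com. admin.twelvetacos.com. (
                        2015010800 ; se = serial number
                        12h        ; ref = refresh
                        15m        ; ret = update retry
                        3w         ; ex = expiry
                        3h         ; min = minimum
                        )
; NOTE(review): a single NS record is a single point of failure; RFC 2182 recommends at least two.
              IN      NS      ns1.twelvetacos.com.
              IN      MX  10  smtp.twelvetacos.com.

              IN      A       10.1.1.0
ns1           IN      A       10.1.1.0
smtp          IN      A       10.1.1.0
imap          IN      CNAME   smtp
www           IN      A       10.1.1.0
linode        IN      A       173.230.138.199

; Owner written explicitly: a blank owner inherits the previous record's owner,
; which here would have been "linode" — publishing SPF for the wrong name.
@             IN      TXT     "v=spf1 a -all"
; NOTE(review): the MIGf... prefix indicates a 1024-bit RSA key; 2048-bit is the current recommendation.
mail._domainkey IN    TXT     "v=DKIM1; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSnUNq0hFgLle0zxO2RGj6505UhKs8ASXS1fh5uSEmPkHlsUcw2VK3SqofonHs3CGIEfuSNI/lZyaZbRdXai43zde5+/WbP/2w6zJhEb/sNxBoCMsjoSiHxjGHLzJZ0/IlyAF6QM+U6g9bQwaiho/WS/7gzpzCGPU0zZYpLD+gfwIDAQAB"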
named.conf (internal)
// Maintained by: shareef12 admin@twelvetacos.com
// NOTE(review): unlike the external config, there is no "Last known public ip:" line here,
// so update.sh (which greps for that text) would find nothing to rewrite — confirm it is
// only run on the external server.

// Addresses this server itself listens on (see listen-on); also granted recursion below.
acl self { 10.1.1.5; 127.0.0.1; };
// Empty here; populate with DMZ hosts that should be allowed to recurse through this server.
acl dmz {};
// Peer internal resolver allowed to recurse through this server.
acl internal_dns { 10.24.24.5; };
// Sources to drop without answering (used by blackhole in options); empty by default.
acl evil {};

// Empty controls statement: no rndc control channel is opened.
controls {};
 
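options {
    // Do not reveal the real hostname or BIND version to remote queries.
    hostname none;
    version "burninator 5.0";
    listen-on port 53 { self; };
    // NOTE(review): these are Red Hat-style paths; Debian's bind9 package defaults to
    // /etc/bind and /var/cache/bind. If a chroot is used, these are relative to it — confirm.
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Recursion stays on but is limited to the ACLs below; allow-query keeps its default (any).
    recursion yes;
    allow-recursion { self; internal_dns; dmz; };
    // address_match_list elements are separated by ';' — the original used a comma
    // between self and internal_dns, which named-checkconf rejects.
    allow-query-cache { self; internal_dns; dmz; };

    allow-update { none; };
    allow-transfer { none; };
    blackhole { evil; };

    minimal-responses yes;
    querylog yes;  // statement must end with ';' (missing in the original)
    notify no;

    //TODO: Configure DNSSEC
};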
 
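// log to /var/log/named/example.log all events from
// info UP in severity (no debug)
// defaults to use 3 files in rotation
// failure messages up to this point are in (syslog)
// typically /var/log/messages
//
// NOTE(review): with "querylog yes" in options, query logging also lands in the
// default category and therefore in this 3 x 2m rotation — confirm that is enough.
logging {
    channel dns_log {
        file "/var/log/named/example.log" versions 3 size 2m;
        severity info;
        print-severity yes;
        print-time yes;
        print-category yes;
    };
    // Must name the channel defined above; the original referenced "example_log",
    // which is never defined, so named-checkconf fails and nothing is logged.
    category default {
        dns_log;
    };
};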
 
// required zone for recursive queries
zone "." {
    type hint;
    file "root.servers";   // root hints; relative paths resolve against the options "directory"
};

// Primary (authoritative) for the internal view of the zone; data in the internal zone file below.
zone "twelvetacos.com" in {
    type master;
    file "twelvetacos.com";
};

// Loopback forward and reverse zones so localhost lookups never leave this host.
zone "localhost" in {
    type master;
    file "localhost";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "localhost.rev";
};
twelvetacos.com (internal)
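$TTL 2d
$ORIGIN twelvetacos.com.
; Serial is date-based (YYYYMMDDnn); bump it on every edit or caches keep the old data.
@             IN      SOA   ns1.twelvetacos.com. admin.twelvetacos.com. (
                        2015010800 ; se = serial number
                        12h        ; ref = refresh
                        15m        ; ret = update retry
                        3w         ; ex = expiry
                        3h         ; min = minimum
                        )
              IN      NS      ns1.twelvetacos.com.
              IN      MX  10  smtp.twelvetacos.com.

              IN      A       10.1.1.32
ns1           IN      A       10.1.1.1
smtp          IN      A       10.1.1.16
imap          IN      CNAME   smtp
www           IN      A       10.1.1.32
linode        IN      A       173.230.138.199

; Owner written explicitly: a blank owner inherits the previous record's owner,
; which here would have been "linode" — publishing SPF for the wrong name.
; NOTE(review): in this internal view "a" is 10.1.1.32 while smtp is 10.1.1.16;
; if internal receivers check SPF, "mx" may be what was intended — confirm.
@             IN      TXT     "v=spf1 a -all"
; NOTE(review): the MIGf... prefix indicates a 1024-bit RSA key; 2048-bit is the current recommendation.
mail._domainkey IN    TXT     "v=DKIM1; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSnUNq0hFgLle0zxO2RGj6505UhKs8ASXS1fh5uSEmPkHlsUcw2VK3SqofonHs3CGIEfuSNI/lZyaZbRdXai43zde5+/WbP/2w6zJhEb/sNxBoCMsjoSiHxjGHLzJZ0/IlyAF6QM+U6g9bQwaiho/WS/7gzpzCGPU0zZYpLD+gfwIDAQAB"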
update.sh
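#!/bin/sh
# Refresh the public IP recorded in /etc/named.conf.
#
# The current address is fetched from linode.twelvetacos.com/ip.php; the previous one is
# read from the "// Last known public ip:" comment in named.conf, and every line of that
# file carrying the old address is rewritten to the new one.
#
# NOTE(review): the fetch is plain HTTP and the result used to go straight into a sed
# expression. A failed fetch produced an empty new_ip and erased the address from the
# config; an unexpected response body would have been written into named.conf verbatim.
# Both values are therefore validated as dotted IPv4 before anything is edited.
# The zone file also carries this address (apex/ns1/smtp/www A records) and named is
# not reloaded here — TODO confirm whether those steps are handled elsewhere.

conf=/etc/named.conf

new_ip=$(wget -qO - linode.twelvetacos.com/ip.php | tr -d '[:space:]')
old_ip=$(sed -n -e '/Last known public ip:/{s/.*: //p}' "$conf")

# Basic-regex shape check: four 1-3 digit groups separated by dots, nothing else.
ipv4='^[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}$'

if ! echo "$new_ip" | grep -q "$ipv4"; then
    echo "update.sh: unexpected response for new ip: '$new_ip'" >&2
    exit 1
fi
if ! echo "$old_ip" | grep -q "$ipv4"; then
    echo "update.sh: could not read last known public ip from $conf" >&2
    exit 1
fi

if [ "$old_ip" != "$new_ip" ]
then
    # Escape the dots so the pattern matches only the literal old address.
    old_re=$(echo "$old_ip" | sed 's/\./\\./g')
    sed -i "s/$old_re/$new_ip/" "$conf"
fi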