dns

This is an old revision of the document!


Installing Bind-chroot on a Debian Wheezy Host

Creating the Host

Using Xen, create the host on the command line as follows.

   xen-create-image --hostname=dns \
   --vcpus=1 \
   --pygrub

If a second interface needs to be added, modify /etc/xen/dns.cfg to look as follows:

   vif    = ['mac=00:16:3E:5A:B6:6D,bridge=inetbr0', 'mac=00:16:3E:5A:B7:6D,bridge=xenbr0' ]

Start the vm and connect to it to continue configuration

   xm create /etc/xen/dns.cfg
   xm console dns

Conduct Initial configuration of the Guest

Debian Initial Config TODO: UPDATE (sudo, vim, tcpdump, dns-utils) (ssh configuration)

If a second VIF was added, edit /etc/network/interfaces to configure the second interface, then bring it up.

Install bind

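Install the bind service. Note that this step installs only the stock bind9 package; the chroot setup named in the page title is not covered in this revision.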

   apt-get install bind9
named.conf
// Maintained by: shareef12 admin@twelvetacos.com
 
// Address-match lists referenced from the options block.

// This server's own addresses: used for listen-on and as a permitted
// recursion / cache client.
acl self {
    10.1.1.5;
    127.0.0.1;
};

// Placeholder for DMZ clients; currently empty, so it matches no address.
acl dmz {};

// Internal resolver that is allowed to recurse through this server.
acl internal_dns {
    10.24.24.5;
};

// Sources to drop entirely (referenced by "blackhole"); currently empty.
acl evil {};
 
// An empty controls statement disables the rndc command channel, so the
// server cannot be controlled over the network or via rndc locally.
controls {};
 
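options {
    // Limit fingerprinting: "hostname none" disables the hostname.bind
    // CHAOS answer, and "version" replaces the string returned for
    // version.bind with a decoy.
    hostname none;
    version "burninator 5.0";

    // Accept queries only on the addresses listed in the "self" ACL.
    listen-on port 53 { self; };

    // NOTE(review): Debian's bind9 package uses /etc/bind and
    // /var/cache/bind by default. /var/named and /var/named/data must
    // exist and be writable by the user named runs as (inside the chroot,
    // if one is used) -- confirm before deploying.
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Recursion and cached answers are offered only to the listed ACLs,
    // so the server does not act as an open resolver.
    // Elements of an address-match list are separated by semicolons.
    recursion yes;
    allow-recursion { self; internal_dns; dmz; };
    allow-query-cache { self; internal_dns; dmz; };
 
    // No dynamic updates and no zone transfers unless a zone overrides this.
    allow-update { none; };
    allow-transfer { none; };
    // Silently ignore anything from the "evil" ACL.
    blackhole { evil; };
 
    minimal-responses yes;
    // Query logging records client addresses and queried names; treat the
    // resulting log file as sensitive and size its rotation accordingly.
    querylog yes;
    notify no;
 
    //TODO: Configure DNSSEC
};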
 
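// log to /var/log/named/example.log all events from
// info UP in severity (no debug)
// keeps 3 rotated versions, rolling over at 2m ("versions 3 size 2m")
// failure messages up to this point are in (syslog)
// typically /var/log/messages
//
// /var/log/named must already exist and be writable by the user named
// runs as (inside the chroot, if one is used); otherwise the channel
// cannot be opened.
logging {
    channel dns_log {
        file "/var/log/named/example.log" versions 3 size 2m;
        severity info;
        print-severity yes;
        print-time yes;
        print-category yes;
    };
    category default {
        // Must name a channel defined in this logging statement; a
        // reference to an undefined channel is a configuration error.
        dns_log;
    };
};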
 
// Zone file names below are relative to the "directory" option.

// Root hints: required zone for recursive queries.
zone "." {
    type hint;
    file "root.servers";
};
 
// Authoritative zone served by this host. It sets no allow-transfer or
// allow-update of its own, so the "none" values from options apply.
zone "twelvetacos.com" in {
    type master;
    file "twelvetacos.com";
};
 
// Forward zone for localhost; dynamic updates explicitly refused.
zone "localhost" in {
    type master;
    file "localhost";
    allow-update { none; };
};
 
// Reverse zone for 127.0.0.0/24; dynamic updates explicitly refused.
zone "0.0.127.in-addr.arpa" in {
    type master;
    file "localhost.rev";
    allow-update { none; };
};