// // named.conf // // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS // server as a caching only nameserver (as a localhost DNS resolver only). // // See /usr/share/doc/bind*/sample/ for example named configuration files. // acl dmz { 10.0.0.0/24; }; // Django : 2011-10-05 Variablendefinition acl intra { 10.0.10.0/26; }; // Django : 2011-10-05 Variablendefinition options { listen-on port 53 { 127.0.0.1; 10.0.0.20; 10.0.10.1; }; // Django : 2011-08-22 unsere Netzwerk- // interfaces definiert // listen-on-v6 port 53 { ::1; }; // IPv6 deaktiviert directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; dmz; intra; }; // Django : 2011-08-22 unsere Netzwerke allow-recursion { localhost; dmz; intra; }; // die unseren Nameserver befragen dürfen recursion yes; query-source address * port *; // Django : 2011-10-05 // unpriviligierten Port nutzen, wenn Anfragen // nach extern gestellt werden check-names master warn; // Django : 2011-10-05 // Der Nameserver soll nur warnen und nicht // abbrechen, wenn er eine Anfrage nicht // beantworten kann. (Bsp. DKIM-keys) auth-nxdomain no; // Django : 2011-10-05 // RFC1035 Konforme Arbeit (keine alten // Anfragen und Konfigurationen nutzen) dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key"; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; zone "dmz.nausch.org" IN { type master; file "dynamic/dmz-forward"; allow-update { none; }; }; zone "0.0.10.in-addr.arpa" IN { type master; file "dynamic/dmz-reverse"; allow-update { none; }; }; zone "intra.nausch.org" IN { type master; file "dynamic/intra-forward"; allow-update { none; }; }; zone "10.0.10.in-addr.arpa" IN { type master; file "dynamic/intra-reverse"; allow-update { none; }; }; zone "nausch.org" IN { type master; file "dynamic/domain-forward"; allow-update { none; }; }; zone "187.217.88.in-addr.arpa" IN { type master; file "dynamic/domain-reverse"; allow-update { none; }; };