
BIND

How-Tos

TLD based forwarding

Scared by your company? Is the company DNS slow and unreliable? Run your own server that forwards everything to your favorite DNS and only the internal TLDs to your company's DNS!

  1. edit /etc/bind/named.conf.options and append in the options section:
            // Avoid forward problems
            // (dnssec-enable is obsolete since BIND 9.16 and rejected by 9.18+; drop it there)
            dnssec-enable yes;
            dnssec-validation yes;
            
            // Allow recursion
            recursion yes;
            // Filter requesters
            allow-query { goodclients; };
            
            // Main reliable DNS
            forwarders {
                    208.67.222.222; // OpenDNS
                    8.8.4.4; // Google DNS
            };
            
            // We want only forward requests, not act as real DNS
            forward only;
  2. and add an acl statement to define who can query (put it above the options block, since an ACL must be defined before it is used)
    acl goodclients {
        192.168.2.0/24;
        localhost;
        localnets;
    };
  3. create the file for your specific TLD, /etc/bind/named.conf.lan
    zone "lan." IN {
        type forward;
        forward only;
        forwarders { COMPANY_DNS; };
    };
  4. add it to the included zones in /etc/bind/named.conf
    include "/etc/bind/named.conf.lan";
  5. restart bind
    # service bind9 restart
  6. enjoy cached & untracked queries :)

Specify some overrides

* edit /etc/bind/named.conf.options and append in the options section:

response-policy { zone "custom-overrides"; };

* edit /etc/bind/named.conf.local and append the zone:

zone "custom-overrides" {type master; file "/etc/bind/custom-overrides"; allow-query {none;}; };

* edit /etc/bind/custom-overrides and add the zone records:

$TTL 1H
@                       SOA LOCALHOST. myhost.example.com. (1 1h 15m 30d 2h)
                        NS  LOCALHOST.

custom.google.com A   10.232.101.2
facebook.com      A   192.168.3.8
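
A simplified model of how the two how-tos above treat a query, added here as an example (it is not part of the original page or of BIND): it applies the goodclients ACL, the custom-overrides records and the "lan." forward zone in turn. The function names are hypothetical, COMPANY_DNS is the page's placeholder, and the built-in localnets ACL is not modelled because it depends on the host's interfaces.

```python
import ipaddress

# Values copied from the page's config. "localnets" depends on the host's
# interfaces, so only the explicit CIDR and loopback are modelled (assumption).
GOODCLIENTS = [ipaddress.ip_network(n)
               for n in ("192.168.2.0/24", "127.0.0.0/8", "::1/128")]
GLOBAL_FORWARDERS = ["208.67.222.222", "8.8.4.4"]
FORWARD_ZONES = {"lan.": ["COMPANY_DNS"]}  # placeholder kept from the page
RPZ_RECORDS = {"custom.google.com.": "10.232.101.2",
               "facebook.com.": "192.168.3.8"}


def fqdn(name):
    """Lower-case a name and make sure it ends with the root dot."""
    name = name.lower()
    return name if name.endswith(".") else name + "."


def client_allowed(client_ip):
    """allow-query { goodclients; }: is the source address in the ACL?"""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in GOODCLIENTS)


def forwarders_for(qname):
    """Pick forwarders by longest suffix match on whole labels."""
    name = fqdn(qname)
    best = ""
    for zone in FORWARD_ZONES:
        on_boundary = name == zone or name.endswith("." + zone)
        if on_boundary and len(zone) > len(best):
            best = zone
    return FORWARD_ZONES.get(best, GLOBAL_FORWARDERS)


def resolve_path(client_ip, qname):
    """Return (outcome, detail) describing what the client receives."""
    if not client_allowed(client_ip):
        return ("refused", None)
    name = fqdn(qname)
    if name in RPZ_RECORDS:  # exact owner name only; subdomains need "*.name"
        return ("rpz-override", RPZ_RECORDS[name])
    return ("forward", forwarders_for(name))
```

Note that www.facebook.com is not rewritten by the facebook.com record: a response-policy zone matches the exact owner name, so covering subdomains takes an additional *.facebook.com record.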
software/bind.1535858501.txt · Last modified: 2018/09/02 05:21 by Michele Porelli