BIND
How-Tos
TLD based forwarding
Scared of your company? Is the company DNS slow and unreliable? Run your own server, forwarding everything to your favorite DNS and only the internal TLDs to your company's!
- edit /etc/bind/named.conf.options and append to the options section:
    // Avoid forward problems
    dnssec-enable yes;
    dnssec-validation yes;

    // Allow recursion
    recursion yes;

    // Filter requesters
    allow-query { goodclients; };

    // Main reliable DNS
    forwarders {
        208.67.222.222; // OpenDNS
        8.8.4.4;        // Google DNS
    };

    // We want only forward requests, not act as real DNS
    forward only;
- and add an acl statement, at the top level of the file (outside the options block), to define who can query
    acl goodclients {
        192.168.2.0/24;
        localhost;
        localnets;
    };
- create the file for your specific TLD, /etc/bind/named.conf.lan
    zone "lan." IN {
        type forward;
        forward only;
        forwarders { COMPANY_DNS; };
    };
- add it to the included zones in /etc/bind/named.conf
    include "/etc/bind/named.conf.lan";
- restart bind
    # service bind9 restart
- enjoy cached & untracked queries :)
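
An added example, not part of the original page: a small Python check that a named.conf with the options above still limits recursion to known clients and stays forward-only. It applies the option inheritance documented in the BIND ARM; the function names and both sample configurations are constructed for illustration.

```python
import re

def parse(tokens, pos=0):
    """Return (statements, next_pos); each { } block becomes a nested list."""
    stmts, cur = [], []
    while pos < len(tokens):
        tok, pos = tokens[pos], pos + 1
        if tok == "{":
            block, pos = parse(tokens, pos)
            cur.append(block)
        elif tok == "}":
            break
        elif tok == ";":
            stmts, cur = stmts + [cur], []
        else:
            cur.append(tok.strip('"'))
    return [s for s in stmts if s], pos

def names(block):
    # First word of each address-match element; "key ..." entries are skipped.
    return [e[0] for e in block if isinstance(e[0], str) and e[0] != "key"]

def audit(conf):
    """Return findings for named.conf text that has a single options block."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", " ", conf, flags=re.S)
    stmts, _ = parse(re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', conf))
    acls = {s[1]: names(s[2]) for s in stmts if s[0] == "acl"}
    opts = next(({o[0]: o[1:] for o in s[1]} for s in stmts if s[0] == "options"), {})
    if opts.get("recursion", ["yes"])[0] != "yes":
        return []
    # ARM inheritance: allow-recursion, allow-query-cache, allow-query, default.
    source, elems = "default", ["localnets", "localhost"]
    for opt in ("allow-recursion", "allow-query-cache", "allow-query"):
        if opt in opts:
            source, elems = opt, names(opts[opt][0])
            break
    clients = [x for e in elems for x in acls.get(e, [e])]  # expand named acls
    found = [f"{source}: recursion open to any client"] if "any" in clients else []
    if "forwarders" in opts and opts.get("forward", ["first"])[0] != "only":
        found.append("forwarders set without 'forward only'")
    return found

# Constructed input: the page's acl and options, condensed.
PAGE_CONF = """acl goodclients { 192.168.2.0/24; localhost; localnets; };
options { recursion yes; allow-query { goodclients; };  // Filter requesters
          forwarders { 208.67.222.222; 8.8.4.4; }; forward only; };"""
# Constructed weak variant: anyone may query and forwarding is not forward-only.
WEAK_CONF = "options { allow-query { any; }; forwarders { 8.8.4.4; }; };"
print(audit(PAGE_CONF), audit(WEAK_CONF), sep="\n")
```

The page's configuration yields no findings because allow-query { goodclients; } is inherited as the recursion ACL; the weak variant is flagged on both counts.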
Specify some overrides
* edit /etc/bind/named.conf.options and append to the options section:
    response-policy { zone "custom-overrides"; };
* edit /etc/bind/named.conf.local and append the zone:
    zone "custom-overrides" {
        type master;
        file "/etc/bind/custom-overrides";
        allow-query { none; };
    };
* edit /etc/bind/custom-overrides and append the zone:
    $TTL 1H
    @                   SOA LOCALHOST. myhost.example.com (1 1h 15m 30d 2h)
                        NS  LOCALHOST.
    custom.google.com   A   10.232.101.2
    facebook.com        A   192.168.3.8
software/bind.1535858501.txt · Last modified: 2018/09/02 05:21 by Michele Porelli