Major Upgrade - added very detailed configs for many scenarios, with lots of examples. The server is now fully functional for an authoritative master and a recursive/forwarding cacher. You can still mount over the /etc/bind and /var/bind directories and override everything yourself. This should help many users who did not know where to start with bind.
This commit is contained in:
Ventz Petkov
@@ -0,0 +1,56 @@
|
||||
// Copy this file to /etc/bind/named.conf.options if you want to run bind as an
|
||||
// authoritative nameserver. If you want to run a recursive DNS resolver
|
||||
// instead, see Ventz's "example-configs/recursive-resolver/named.conf.options"
|
||||
//
|
||||
// BIND supports using the same daemon as both authoritative nameserver and
|
||||
// recursive resolver; it supports this because it is the oldest and original
|
||||
// nameserver and so was designed before it was realized that combining these
|
||||
// functions is inadvisable.
|
||||
//
|
||||
// In actual fact, combining these functions is a very bad idea. It is thus
|
||||
// recommended that you run a given instance of BIND as either an authoritative
|
||||
// nameserver or recursive resolver, not both. The example configuration herein
|
||||
// provides a secure starting point for running an authoritative nameserver.
|
||||
|
||||
options {
|
||||
directory "/var/bind";
|
||||
|
||||
// Configure the IPs to listen on here.
|
||||
listen-on { 127.0.0.1; };
|
||||
listen-on-v6 { none; };
|
||||
|
||||
// If you want to allow only specific hosts to use the DNS server:
|
||||
//allow-query {
|
||||
// 127.0.0.1;
|
||||
//};
|
||||
|
||||
// Specify a list of IPs/masks to allow zone transfers to here.
|
||||
//
|
||||
// You can override this on a per-zone basis by specifying this inside a zone
|
||||
// block.
|
||||
//
|
||||
// Warning: Removing this block will cause BIND to revert to its default
|
||||
// behaviour of allowing zone transfers to any host (!).
|
||||
allow-transfer {
|
||||
none;
|
||||
};
|
||||
|
||||
// If you have problems and are behind a firewall:
|
||||
//query-source address * port 53;
|
||||
|
||||
pid-file "/var/run/named/named.pid";
|
||||
|
||||
// Changing this is NOT RECOMMENDED; see the notes above and in
|
||||
// named.conf.recursive.
|
||||
allow-recursion { none; };
|
||||
recursion no;
|
||||
};
|
||||
|
||||
// Example of how to configure a zone for which this server is the master:
|
||||
//zone "example.com" IN {
|
||||
// type master;
|
||||
// file "/etc/bind/master/example.com";
|
||||
//};
|
||||
|
||||
// You can include files:
|
||||
//include "/etc/bind/example.conf";
|
||||
Reference in New Issue
Block a user