UNIX System Administration Handbook - Evi Nemeth [259]
// bind 8.2 conf file - caching server

// Global options
options {
    directory "/var/named";
    named-xfer "/usr/local/sbin/named-xfer";    // bind 8 only
    // build a rich cache on our master and official slaves
    forwarders {
        128.138.243.151;    // mroe
        128.138.243.140;    // anchor
        128.138.243.137;    // moet
        128.138.243.138;    // vulture
        128.138.236.20;     // piper
    };
    forward first;
    query-source address * port 53;
};

// Logging, syslog to local3, no lame servers
logging {
    channel syslog_info {
        syslog local3;
        severity info;
    };
    category lame-servers { null; };
    category default { syslog_info; };
};

// Root servers cache
zone "." {
    type hint;
    file "named.cache";
};

// Master server for localhost reverse zone
zone "0.0.127.in-addr.arpa" {
    type master;
    file "localhost";
    notify no;
};

The config file for slave servers includes the cs.colorado.edu forward zone and several reverse zones that we have cut down to one or two for illustration. In this example, the reverse zones are not subdivided on a byte boundary (they are mostly /26s), but because all four subnets are controlled by the same administrative authority, they are kept in the same file and the CNAME hack described on page 445 is not necessary.

// bind 8.2 conf file - slave server

options {
    directory "/var/named";
    named-xfer "/usr/local/sbin/named-xfer";    // bind 8 only
    forwarders { 128.138.243.151; };            // master
    forward first;
    query-source address * port 53;
    allow-transfer { none; };
};

// Logging, root server hints, and localhost reverse zone are the
// same as for a caching server, so they're not shown here.

// Slave zones
zone "cs.colorado.edu" {
    type slave;
    file "forward/cs.colorado.edu";
    masters { 128.138.243.151; };
};
zone "250.138.128.in-addr.arpa" {
    type slave;
    file "reverse/250.138.128";
    masters { 128.138.243.151; };
};
zone "245.138.128.in-addr.arpa" {
    type slave;
    file "reverse/245.138.128";
    masters { 128.138.243.151; };
};
// ... many, many reverse slave zones omitted
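
The slave configuration above sets allow-transfer { none; } in its options statement, which every zone inherits unless the zone carries an allow-transfer of its own. As an added example (not from the book), this Python check parses a named.conf and lists the master and slave zones whose effective allow-transfer list still admits any host. The sample input and the function names are constructed here, and the check assumes BIND 8 permits transfers to all hosts when the option is unset.

```python
import re

# Constructed input modelled on the slave configuration above, plus one override.
SAMPLE = '''
options { directory "/var/named"; allow-transfer { none; }; };  // global default
zone "cs.colorado.edu" { type slave; masters { 128.138.243.151; }; };
zone "250.138.128.in-addr.arpa" { type slave; allow-transfer { any; }; };  # override
zone "." { type hint; file "named.cache"; };
'''
TOKEN = re.compile(r'"[^"]*"|/\*.*?\*/|(?://|#)[^\n]*|[{};]|[^\s{};"]+', re.S)

def parse(tokens):
    # Read statements up to the matching '}'; a statement is a list of words
    # and nested blocks, and each block is itself a list of statements.
    stmts, cur = [], []
    for t in tokens:
        if t == '{':
            cur.append(parse(tokens))   # shares the iterator with the caller
        elif t == '}':
            break
        elif t == ';':
            if cur:
                stmts.append(cur)
            cur = []
        elif not t.startswith(('//', '#', '/*')):   # all three comment styles
            cur.append(t.strip('"'))
    return stmts

def acl_of(body, key='allow-transfer'):
    # Address match list of `key { ... };` inside a block; None when absent
    for s in body:
        if s[0] == key and isinstance(s[-1], list):
            return [' '.join(map(str, e)) for e in s[-1]]

def transfer_policy(conf):
    # Effective allow-transfer list for each master or slave zone
    stmts = parse(iter(TOKEN.findall(conf)))
    found = [acl_of(s[-1]) for s in stmts if s[0] == 'options']
    default = next((a for a in found if a is not None), ['any'])  # unset: assumed open
    policy = {}
    for s in stmts:
        if s[0] == 'zone' and isinstance(s[-1], list):
            ztype = next((x[1] for x in s[-1] if x[0] == 'type'), None)
            if ztype in ('master', 'slave'):
                own = acl_of(s[-1])
                policy[s[1]] = default if own is None else own
    return policy

def open_zones(conf):
    return sorted(z for z, acl in transfer_policy(conf).items() if 'any' in acl)
```

Calling open_zones(SAMPLE) reports only the reverse zone whose own statement overrides the global none; the tokenizer does not handle include directives or comment markers inside quoted strings.
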
The next configuration is for the server that is both the master for cs.colorado.edu and the forwarder through which all local queries flow. This setup builds a nice cache but breaks the don’t-mix-authoritative-and-caching-servers rule.
This configuration sets a preference for local servers with a topology statement. Several servers are not listed in the parent domain’s delegations; these are notified of changes with an also-notify clause.
The master server keeps its DNS database in several files. Reverse-mapping zones are organized by subnet number. Each subnet (in our case, the third octet of a class B address) has its own file. This organization is not strictly necessary, but it keeps the files to a manageable size and makes it easy to update them. However, it does presuppose either that subnets are divided on a byte boundary or that if subnets are further subdivided, each piece remains under our administrative control.
If a single file were used for all reverse mappings, the records could be organized by network and the $ORIGIN directive could be used at the beginning of each section to reset the identity of the default domain. See page 453.

# bind 8.x conf file - master server for cs.colorado.edu
# $Id: named.conf,v 1.28 2000/01/12 00:20:34 root Exp $

acl CUnets {
    128.138/16; 198.11.16/24; 204.228.69/24; 127.0.0.1;
};

# Global options
options {
    directory "/var/named";
    named-xfer "/usr/local/sbin/named-xfer";    # BIND 8 only
    notify yes;
    also-notify {
        128.138.192.205;    # suod
        128.138.244.9;      # riker
        128.138.243.70;     # squid
        128.138.241.12;     # goober
        128.138.244.100;    # av-server
        128.138.202.19;     # nago
    };
    query-source address * port 53;
    topology { localhost; localnets; CUnets; };
};

# Logging, root hints, and localhost zone are the same and are not shown

# CS