Add linode, update augsburg IP

[sysconfig/bind.git] / named.conf.options

diff --git a/named.conf.options b/named.conf.options
index af797589324c48ba740c06054e42720c2e6af4bf..8c01847565887cd364a58d456b888bb360eedd1a 100644 (file)
--- a/named.conf.options
+++ b/named.conf.options
@@ -10,11 +10,38 @@ options {
        // Uncomment the following block, and insert the addresses replacing 
        // the all-0's placeholder.
 
-       // forwarders {
-       //      0.0.0.0;
-       // };
+       // ALEX DEHNERT: slightly updated 2008-12-19
+       // ALEX DEHNERT: slightly updated 2010-03-01
+       forward first;
+       forwarders {
+               18.0.71.151;
+               18.0.70.160;
+               18.0.72.3;
+       };
+
+       //========================================================================
+       // If BIND logs error messages about the root key being expired,
+       // you will need to update your keys.  See https://www.isc.org/bind-keys
+       //========================================================================
+       dnssec-validation auto;
+
+       // ALEX DEHNERT: copied from old arctic version on 2008-12-19
+       //ALEX DEHNERT: Security-related stuff:
+       // Secure(ish):
+       allow-recursion { 18.18.208.12; 66.92.29.156; 66.92.29.144; 127.0.0.1; 192.168.0.0/16; 18.0.0.0/8; };
+       //allow-query   { 66.92.29.156; 66.92.29.144; 127.0.0.1; };
+       allow-transfer { none; };
+
+       // Insecure:
+       //allow-recursion       { any; };
+       allow-query     { any; };
+
 
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
+
+       // Decent info on DNS
+       // http://newweb.zytrax.com/books/dns/ch2/
+       // http://www.madboa.com/geek/soho-bind/
 };