// organization
//include "/etc/bind/zones.rfc1918";
+# zone "debuntu.foo" {
+# type master;
+# file "debuntu.foo.db";
+# notify no;
+#};
+
+//added by Alex Dehnert on 2004-11-27
+zone "dehnert.arctic.org" IN {
+ type master;
+// file "pri/arctic.zone";
+ file "/etc/bind/pri/combined-dehnerts.zone";
+ allow-update { none; };
+ allow-transfer { localhost; 207.29.250.54; 18.181.0.36; 74.207.246.137; };
+ allow-query { any; };
+ notify no;
+};
+zone "dehnerts.com" IN {
+ type master;
+// file "pri/dehnerts.zone";
+ file "/etc/bind/pri/combined-dehnerts.zone";
+ allow-update { none; };
+ allow-transfer { localhost; 207.29.250.54; 18.181.0.36; 74.207.246.137; };
+ allow-query { any; };
+ notify no;
+};
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
- // to talk to, you may need to fix the firewall to allow multiple
- // ports to talk. See http://www.kb.cert.org/vuls/id/800113
+ // to talk to, you might need to uncomment the query-source
+ // directive below. Previous versions of BIND always asked
+ // questions using port 53, but BIND 8.1 and later use an unprivileged
+ // port by default.
+
+ // query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
- // forwarders {
- // 0.0.0.0;
- // };
+ // ALEX DEHNERT: slightly updated 2008-12-19
+ // ALEX DEHNERT: slightly updated 2010-03-01
+ forward first;
+ forwarders {
+ 18.71.0.151;
+ 18.70.0.160;
+ 18.72.0.3;
+ };
+
+ // ALEX DEHNERT: copied from old arctic version on 2008-12-19
+ //ALEX DEHNERT: Security-related stuff:
+ // Secure(ish):
+ allow-recursion { 66.92.29.156; 66.92.29.144; 127.0.0.1; 192.168.0.0/16; };
+ //allow-query { 66.92.29.156; 66.92.29.144; 127.0.0.1; };
+ allow-transfer { none; };
+
+ // Insecure:
+ //allow-recursion { any; };
+ allow-query { any; };
+
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
+
+ // Decent info on DNS
+ // http://newweb.zytrax.com/books/dns/ch2/
+ // http://www.madboa.com/geek/soho-bind/
};
--- /dev/null
+$TTL 1W
+@ IN SOA ns root (
+ 2010022804 ; Serial
+ 28800 ; Refresh
+ 14400 ; Retry
+ 604800 ; Expire - 1 week
+ 86400 ) ; Minimum
+ IN NS ns
+ IN NS ns.arctic.org.
+ IN NS olinda
+ IN A 66.92.29.156
+ IN MX 10 mail
+
+; Servers
+angkor IN A 192.168.1.18
+*.angkor IN CNAME angkor
+copan IN A 66.92.29.156
+*.copan IN CNAME copan
+borobudur IN A 192.168.1.15
+borobudur IN MX 10 mail
+*.borobudur IN CNAME borobudur
+gwynedd IN A 192.168.1.16
+*.gwynedd IN CNAME gwynedd
+lushan IN CNAME lushan.mit.edu
+olinda IN A 18.208.0.204
+
+; Most services
+;mail IN A 66.92.29.156
+mail IN A 18.208.0.204
+*.imap IN CNAME mail
+;smtp IN A 66.92.29.156
+smtp IN A 18.208.0.204
+ns IN A 66.92.29.156
+;www IN CNAME copan
+www IN CNAME olinda
+rcs IN CNAME olinda
+svn IN CNAME olinda
+ldap IN CNAME copan
+jabber IN CNAME copan
+xmpp IN CNAME copan
+
+alex IN CNAME olinda
+linux IN CNAME olinda
+paly IN CNAME olinda
+voice IN CNAME olinda
+scouts IN CNAME olinda
+troop57 IN CNAME olinda
+mathcamp IN CNAME olinda
+mc IN CNAME olinda
+webapps IN CNAME olinda
+extern IN A 66.92.29.156
+phillipian IN CNAME olinda
+
+
+; Admin services
+monitoring IN CNAME borobudur
+
+; Local development services
+blog.dubrovnik IN CNAME dubrovnik-l.intern
+dubrovnik IN CNAME philacad.andover.edu
+dubrovnik-l IN CNAME philacad.andover.edu
+dubrovnik-l.intern IN A 192.168.1.17
+
+; Laptop
+ilulissat IN CNAME ilulissat.mit.edu.
+
+; Bridge
+borobudur.intern-extern-bridge IN A 192.168.2.2
+
+; Miscellaneous extra services
+evols IN A 64.202.163.10
+
+; SRV records
+_xmpp-client._tcp 3600 IN SRV 10 0 5222 jabber.dehnerts.com.
projects / sysconfig / bind.git / commitdiff