<> Basic setup of bind is handled by Puppet class `hcoop::service::bind9` == New Nameserver == When adding a new nameserver to hcoop.net, or changing the values of `ns[12].hcoop.net` '''update the glue records at our registrar'''. Otherwise, `hcoop.net` may stop resolving. == Config == We're using the stock Debian bind9 configuration. You'll need to open the `domain` input port, and allow outpit port 953 on localhost for `rdnc` to be able to control bind. = Filesystem layout = BIND data lives in `/etc/bind`. This directory is seeded with the default files from the Debian `bind9` package. Additionally, we add a `zones` subdirectory. DomTool periodically deposits `/etc/bind/named.conf.local`, listing all of our hosted DNS zones and their master/slave statuses and configuration. DomTool also populates `/etc/bind/zones` with zonefiles referenced by `/etc/bind/named.conf.local` on any master servers. == Permissions == `/etc/bind/zones` must be owned by user `bind` so that it can modify/create slave zone files. ---- CategorySystemAdministration