|
Size: 669
Comment:
|
← Revision 9 as of 2018-10-21 16:58:23 ⇥
Size: 1110
Comment: mention puppet class, no need to mention changes made in squeeze nowadays
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| <<TableOfContents>> Basic setup of bind is handled by Puppet class `hcoop::service::bind9` == New Nameserver == When adding a new nameserver to hcoop.net, or changing the values of `ns[12].hcoop.net` '''update the glue records at our registrar'''. Otherwise, `hcoop.net` may stop resolving. == Config == We're using the stock Debian bind9 configuration. You'll need to open the `domain` input port, and allow outpit port 953 on localhost for `rdnc` to be able to control bind. |
|
| Line 3: | Line 15: |
| On both deleuze and mire, BIND data lives in `/etc/bind`. This directory is seeded with the default files from the Debian `bind9` package. Additionally, we add a `zones` subdirectory. | BIND data lives in `/etc/bind`. This directory is seeded with the default files from the Debian `bind9` package. Additionally, we add a `zones` subdirectory. |
| Line 5: | Line 17: |
| DomTool periodically deposits `/etc/bind/named.conf.local`, listing all of our hosted DNS zones and their master/slave statuses and configuration. DomTool also populates `/etc/bind/zones` with zonefiles referenced by `/etc/bind/named.conf.local`. | DomTool periodically deposits `/etc/bind/named.conf.local`, listing all of our hosted DNS zones and their master/slave statuses and configuration. DomTool also populates `/etc/bind/zones` with zonefiles referenced by `/etc/bind/named.conf.local` on any master servers. |
| Line 9: | Line 21: |
| `/etc/bind/zones` should be owned by user `bind`, since BIND seems to like creating temporary files there. I've only yet seen this matter during updating of slave zone information. | `/etc/bind/zones` must be owned by user `bind` so that it can modify/create slave zone files. ---- CategorySystemAdministration |
Contents
Basic setup of bind is handled by Puppet class hcoop::service::bind9
1. New Nameserver
When adding a new nameserver to hcoop.net, or changing the values of ns[12].hcoop.net update the glue records at our registrar. Otherwise, hcoop.net may stop resolving.
2. Config
We're using the stock Debian bind9 configuration. You'll need to open the domain input port, and allow outpit port 953 on localhost for rdnc to be able to control bind.
3. Filesystem layout
BIND data lives in /etc/bind. This directory is seeded with the default files from the Debian bind9 package. Additionally, we add a zones subdirectory.
DomTool periodically deposits /etc/bind/named.conf.local, listing all of our hosted DNS zones and their master/slave statuses and configuration. DomTool also populates /etc/bind/zones with zonefiles referenced by /etc/bind/named.conf.local on any master servers.
4. Permissions
/etc/bind/zones must be owned by user bind so that it can modify/create slave zone files.