welcome: please sign in

Diff for "DaemonAdmin/Bind"

Differences between revisions 7 and 9 (spanning 2 versions)
Revision 7 as of 2013-01-06 21:35:59
Size: 1095
Editor: ClintonEbadi
Comment: update a bit
Revision 9 as of 2018-10-21 16:58:23
Size: 1110
Editor: ClintonEbadi
Comment: mention puppet class, no need to mention changes made in squeeze nowadays
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:

Basic setup of bind is handled by Puppet class `hcoop::service::bind9`
Line 9: Line 11:
For Debian Squeeze, we're using the stock bind9 configuration. You'll need to open up a firewall port to serve dns. We're using the stock Debian bind9 configuration. You'll need to open the `domain` input port, and allow outpit port 953 on localhost for `rdnc` to be able to control bind.
Line 13: Line 15:
On both deleuze and mire, BIND data lives in `/etc/bind`. This directory is seeded with the default files from the Debian `bind9` package. Additionally, we add a `zones` subdirectory. BIND data lives in `/etc/bind`. This directory is seeded with the default files from the Debian `bind9` package. Additionally, we add a `zones` subdirectory.
Line 19: Line 21:
`/etc/bind/zones` should be owned by user `bind`, since BIND seems to like creating temporary files there. I've only yet seen this matter during updating of slave zone information.
 `/etc/bind/zones` must be owned by user `bind` so that it can modify/create slave zone files.

Contents

    1. New Nameserver
    2. Config
  2. Filesystem layout
    1. Permissions

Basic setup of bind is handled by Puppet class hcoop::service::bind9

1. New Nameserver

When adding a new nameserver to hcoop.net, or changing the values of ns[12].hcoop.net update the glue records at our registrar. Otherwise, hcoop.net may stop resolving.

2. Config

We're using the stock Debian bind9 configuration. You'll need to open the domain input port, and allow outpit port 953 on localhost for rdnc to be able to control bind.

3. Filesystem layout

BIND data lives in /etc/bind. This directory is seeded with the default files from the Debian bind9 package. Additionally, we add a zones subdirectory.

DomTool periodically deposits /etc/bind/named.conf.local, listing all of our hosted DNS zones and their master/slave statuses and configuration. DomTool also populates /etc/bind/zones with zonefiles referenced by /etc/bind/named.conf.local on any master servers.

4. Permissions

/etc/bind/zones must be owned by user bind so that it can modify/create slave zone files.

CategorySystemAdministration

DaemonAdmin/Bind (last edited 2018-10-21 16:58:23 by ClintonEbadi)