diff options
| -rw-r--r-- | bind/fake-222/oroe.dk | 5 | ||||
| -rw-r--r-- | bind/named.conf.local | 48 | ||||
| -rw-r--r-- | bind/pri/JONES-cloud-www | 2 | ||||
| -rw-r--r-- | bind/pri/omni-presence.dk | 2 | ||||
| -rw-r--r-- | bind/pri/oroe.dk | 7 |
5 files changed, 53 insertions, 11 deletions
diff --git a/bind/fake-222/oroe.dk b/bind/fake-222/oroe.dk index cce9682..7570a8b 100644 --- a/bind/fake-222/oroe.dk +++ b/bind/fake-222/oroe.dk @@ -14,6 +14,9 @@ ftp CNAME accessproxy.webpod7-cph3.one.com. imap A 46.30.211.21 phpmyadmin CNAME dbadmin.one.com. pop A 46.30.211.21 +posten A 94.231.103.90 +*.posten A 94.231.103.90 + $INCLUDE /etc/local-JONES.DK/bind/skel/A-222 genskabet $INCLUDE /etc/local-JONES.DK/bind/skel/A-222 www.genskabet $INCLUDE /etc/local-JONES.DK/bind/skel/CNAME-legacycloud source @@ -21,7 +24,5 @@ $INCLUDE /etc/local-JONES.DK/bind/skel/CNAME-legacycloud *.source $INCLUDE /etc/local-JONES.DK/bind/skel/A-222 mejeriet $INCLUDE /etc/local-JONES.DK/bind/skel/A-222 source.mejeriet $INCLUDE /etc/local-JONES.DK/bind/skel/A-222 www.mejeriet -$INCLUDE /etc/local-JONES.DK/bind/skel/A-222 posten -$INCLUDE /etc/local-JONES.DK/bind/skel/A-222 www.posten * CNAME oroe.dk.www.service.one.com. diff --git a/bind/named.conf.local b/bind/named.conf.local index 4991dd6..06df084 100644 --- a/bind/named.conf.local +++ b/bind/named.conf.local @@ -1,22 +1,62 @@ include "/etc/local-JONES.DK/bind/named.conf.acl"; +acl jones_internals { + localhost; + 192.168.0.0/16; + 2a12:3d83:7021::/48; + fd00::/8; + fe80::/10; +}; +acl not_jones_internals { + 10.0.0.0/8; + 100.64.0.0/10; + 172.16.0.0/12; + fc00::/8; +}; view "internal" { - match-clients { 127.0.0.0/24; 192.168.222.0/24; }; + match-clients { jones_internals; }; + match-destinations { jones_internals; }; + match-recursive-only yes; + + allow-query { jones_internals; }; + allow-recursion { jones_internals; }; + allow-transfer { none; }; +// blackhole { not_jones_internals; }; include "/etc/local-JONES.DK/bind/named.conf.fake-222"; include "/etc/local-REDPILL.DK/bind/named.conf.FSUB.DE"; - include "/etc/bind/named.conf.default-zones"; + // prime the server with knowledge of the root servers + zone "." { + type hint; + file "/usr/share/dns/root.hints"; + }; + + plugin query "filter-aaaa.so" { + filter-aaaa-on-v4 yes; + filter-aaaa-on-v6 yes; + filter-aaaa { any; }; + }; }; view "external" { match-clients { any; }; recursion no; - include "/etc/bind/zones.rfc1918"; + // https://rhn.redhat.com/errata/RHSA-2013-0550.html + rate-limit { + responses-per-second 5; + window 5; + }; + +// include "/etc/bind/zones.rfc1918"; include "/etc/local-JONES.DK/bind/named.conf.pri"; include "/etc/local-REDPILL.DK/bind/named.conf.FSUB.DE.internal"; - include "/etc/bind/named.conf.default-zones"; + // prime the server with knowledge of the root servers + zone "." { + type hint; + file "/usr/share/dns/root.hints"; + }; }; diff --git a/bind/pri/JONES-cloud-www b/bind/pri/JONES-cloud-www index 6ee925c..78b540e 100644 --- a/bind/pri/JONES-cloud-www +++ b/bind/pri/JONES-cloud-www @@ -1,6 +1,6 @@ $TTL 1h @ SOA dns.jones.dk. dr.jones.dk. ( - 2023080301 + 2023091001 4h 1h 1w 1h ) $INCLUDE /etc/local-JONES.DK/bind/skel/NS diff --git a/bind/pri/omni-presence.dk b/bind/pri/omni-presence.dk index f73701d..d0eedf7 100644 --- a/bind/pri/omni-presence.dk +++ b/bind/pri/omni-presence.dk @@ -1,6 +1,6 @@ $TTL 1h @ SOA dns.jones.dk. dr.jones.dk. ( - 2023080301 + 2023091001 4h 1h 1w 1h ) $INCLUDE /etc/local-JONES.DK/bind/skel/NS diff --git a/bind/pri/oroe.dk b/bind/pri/oroe.dk index 9f94565..ef56aaa 100644 --- a/bind/pri/oroe.dk +++ b/bind/pri/oroe.dk @@ -1,6 +1,6 @@ $TTL 1h @ SOA dns.jones.dk. dr.jones.dk. ( - 2024091001 + 2025070101 4h 1h 1w 1h ) $INCLUDE /etc/local-JONES.DK/bind/skel/NS @@ -14,6 +14,9 @@ ftp CNAME accessproxy.webpod7-cph3.one.com. imap A 46.30.211.21 phpmyadmin CNAME dbadmin.one.com. pop A 46.30.211.21 +posten A 94.231.103.90 +*.posten A 94.231.103.90 + $INCLUDE /etc/local-JONES.DK/bind/skel/A genskabet $INCLUDE /etc/local-JONES.DK/bind/skel/A www.genskabet $INCLUDE /etc/local-JONES.DK/bind/skel/CNAME-legacycloud source @@ -21,7 +24,5 @@ $INCLUDE /etc/local-JONES.DK/bind/skel/CNAME-legacycloud *.source $INCLUDE /etc/local-JONES.DK/bind/skel/A mejeriet $INCLUDE /etc/local-JONES.DK/bind/skel/A source.mejeriet $INCLUDE /etc/local-JONES.DK/bind/skel/A www.mejeriet -$INCLUDE /etc/local-JONES.DK/bind/skel/A posten -$INCLUDE /etc/local-JONES.DK/bind/skel/A www.posten * CNAME oroe.dk.www.service.one.com. |