DNS
Domain Name Service trickery
Standard Config
Reading
A good online source is Zytrax's Book on DNS.
Standard
A go-to config for DNS might be:
    acl "soho" { 192.168/16; 127/8; };

    options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        // recursion is off by default; only the internal view turns it on
        recursion no;
        allow-update { none; };
    };

    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
            print-time true;
            print-severity true;
            print-category true;
        };
    };

    // views are tried in order, so "internal" must come before "external"
    view "internal" {
        match-clients { soho; };
        recursion yes;
        allow-recursion { soho; };
        forward first;
        forwarders {
            // your parent name servers IP addresses
        };
        zone "office.soho" IN {
            type master;
            file "internal/office.soho.db";
            forwarders {};
            allow-update {
                // your DHCP servers IP addresses
            };
        };
    };

    view "external" {
        match-clients { any; };
        zone "example.com" IN {
            type master;
            file "external/example.com.db";
        };
    };
Actually this breaks two rules of domain naming:
- soho. is not a valid top-level domain name
- We don't own the domain example.com.
But, you know, we're filthy casuals so we don't care. So long as we are happy to be using an invalid top-level domain name and shadowing someone else's domain, we're good to go.
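As an added example (not part of the original page), this Python model shows how named would pick a view for a client under the config above, and checks that only clients in the soho ACL are offered recursion. The ACLS and VIEWS tables and all function names are constructed for illustration, and the model assumes only the address elements used in this config (named ACLs, any, and prefixes).

```python
import ipaddress

# Constructed model of the config above (not parsed from a real named.conf).
ACLS = {"soho": ["192.168/16", "127/8"]}
VIEWS = [  # file order matters: named uses the first view that matches
    {"name": "internal", "match": ["soho"], "recursion": True},
    {"name": "external", "match": ["any"], "recursion": False},  # from options
]

def bind_prefix(text):
    """Expand BIND's short prefix form, e.g. '192.168/16' -> 192.168.0.0/16."""
    addr, _, plen = text.partition("/")
    if ":" not in addr:
        addr += ".0" * (3 - addr.count("."))  # pad missing IPv4 octets
    if not plen:
        plen = "128" if ":" in addr else "32"
    return ipaddress.ip_network(f"{addr}/{plen}", strict=False)

def acl_matches(client, elements):
    """True if the client address matches any element (named ACL, any, prefix)."""
    ip = ipaddress.ip_address(client)
    for element in elements:
        if element == "any":
            return True
        if element in ACLS:
            if acl_matches(client, ACLS[element]):
                return True
            continue
        net = bind_prefix(element)
        if ip.version == net.version and ip in net:
            return True
    return False

def select_view(client, views=VIEWS):
    """Return the first view whose match-clients accepts the client, or None."""
    for view in views:
        if acl_matches(client, view["match"]):
            return view
    return None

def recursion_exposed(clients, views=VIEWS):
    """Clients outside the soho ACL that would still be offered recursion."""
    exposed = []
    for client in clients:
        view = select_view(client, views)
        if view and view["recursion"] and not acl_matches(client, ACLS["soho"]):
            exposed.append(client)
    return exposed
```

Under this model a query from ::1 lands in the external view, because the soho ACL lists only IPv4 ranges while the server also listens on ::1.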