home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
chilidog.highland.cc.ks.us
/
chilidog.highland.cc.ks.us.zip
/
chilidog.highland.cc.ks.us
/
backup
/
bradford.20120213.bsc-siteConfiguration.tar.gz
/
bradford.20120213.bsc-siteConfiguration.tar
/
bsc
/
siteConfiguration
/
named.conf
< prev
next >
Wrap
Text File
|
2009-06-25
|
10KB
|
369 lines
//////////////////////////////////////////////////
// This file is for NS500's ONLY!
// If this is an NS1200 then edit the dhcpd.conf
// on the NS8200.
//////////////////////////////////////////////////
//
// Access Control Lists lookup variables examples
// See the "ACL" Section below
//
// 192.168.26.2 Registration Interface
// 192.168.26.0 Registration Network
// /24 Registration Network Mask
//
// 192.168.27.2 Remediation Interface
// 192.168.27.0 Remediation Network
// /24 Remediation Network Mask
//
// 192.168.28.2 Authentication Interface
// 192.168.28.0 Authentication Network
// /24 Authentication Network Mask
//
// 192.168.29.2 Dead End Interface
// 192.168.29.0 Dead End Network
// /24 Dead End Network Mask
//
// 192.168.30.2 Hub Interface
// 192.168.30.0 Hub Network
// /24 Hub Network Mask
//
// 192.168.31.2 VPN Interface
// 192.168.31.0 VPN Network
// /24 VPN Network Mask
//
// 192.168.32.2 Isolation Interface
// 192.168.32.0 Isolation Network
// /24 Isolation Network Mask
//
// /32 Network Mask to Identify a single IP
//
// 192.168.10.10 IP Address of a Production DNS
//
// 192.168.10.33 The Primary Interface of the CMRC
//
// 127.0.0.1 Primary loopback address of the CMRC
// For additional loopback configurations see /etc/sysconfig/network/ReadMe_loopback
// 127.0.0.2 Additional loopback address to support additional "view"
// 127.0.0.3 Additional loopback address to support additional "view"
// 127.0.0.4 Additional loopback address to support additional "view"
// 127.0.0.5 Additional loopback address to support additional "view"
//
//////////////////////////////////////////////////////////////
include "/bsc/siteConfiguration/rndc.key";
controls {
inet 127.0.0.1 allow { localhost; } keys { rndc-key; };
};
logging {
/////////////////////////////////////////////////////////////////
// activate logging
// Use this log file to trouble shoot client DNS issue.
// the file is /var/named/named.log
// Uncomment the line "severity debug ;" to get more logging.
// Remember to restart DNS when making changes in the named.conf
// When finished debugging remember to put a comment back
// in the "severity debug ;" line.
/////////////////////////////////////////////////////////////////
channel "logs" {
file "/var/lib/named/bsc/siteConfiguration/named/named.log" versions 3 size 5m;
// severity debug ;
print-time yes;
print-category yes;
};
category queries {
"logs";
};
category resolver {
"logs";
};
category client {
"logs";
};
};
//////////////////////////////////////////////////
// Access Control Lists for lookup variables
// Set these IP's to match the appropriate networks
//////////////////////////////////////////////////
acl "reg" { 192.168.100.2/32; 192.168.101.0/24; };
acl "rem" { 192.168.100.3/32; 198.248.92.0/24; };
acl "auth" { 127.0.0.10/32; };
acl "de" { 192.168.100.4/32; 192.168.102.0/24; };
acl "hub" { 127.0.0.15/32; };
acl "vpn" { 127.0.0.14/32; };
acl "isol" { 127.0.0.16/32; };
acl "me-reg" { 127.0.0.1/32; };
acl "me-rem" { 127.0.0.2/32; };
acl "me-auth" { 127.0.0.3/32; };
acl "me-hub" { 127.0.0.4/32; };
acl "me-vpn" { 127.0.0.5/32; };
acl "me-isol" { 127.0.0.6/32; };
//////////////////////////////////////////////////////////////
// There should be nothing changed below this line
//////////////////////////////////////////////////////////////
options {
// The directory statement defines the name server┤s
// working directory
directory "/bsc/siteConfiguration/named";
pid-file "/var/run/named/named.pid";
recursion yes;
listen-on-v6 { any; };
notify no;
};
view "registration" {
// This should match our registration network.
match-clients { reg ; } ;
allow-recursion { reg ; } ;
// The file /var/named/zones.common is where to add
// DNS zones that the clients can lookup
include "zones.common";
include "zones.reg";
// This forwards all others requests to us at PassThru-reg.
zone "." {
type forward;
forwarders { 127.0.0.1; };
};
};
// All others resolve to
view "PassThru-reg" {
//This should match our own forward requests.
match-clients { me-reg ; } ;
allow-recursion { me-reg ; } ;
zone "." {
type master;
file "root.hint.reg";
};
};
view "remediation" {
// This should match our remediation network.
match-clients { rem ; } ;
allow-recursion { rem ; } ;
// The file /var/named/zones.common is where to add
// DNS zones that the clients can lookup
include "zones.common";
include "zones.rem";
// This forwards all others requests to us at PassThru-rem.
zone "." {
type forward;
forwarders { 127.0.0.2; };
};
};
// All others resolve to
view "PassThru-rem" {
//This should match our own forward requests.
match-clients { me-rem ; } ;
allow-recursion { me-rem ; } ;
zone "." {
type master;
file "root.hint.rem";
};
};
view "deadEnd" {
// This should match our DeadEnd network.
match-clients { de ; } ;
allow-recursion { de ; } ;
zone "." {
type master;
file "root.hint.de";
};
};
view "authentication" {
// This should match our authentication network.
match-clients { auth ; } ;
allow-recursion { auth ; } ;
// The file /var/named/zones.common is where to add
// DNS zones that the clients can lookup
include "zones.common";
include "zones.auth";
// This forwards all others requests to us at PassThru-auth.
zone "." {
type forward;
forwarders { 127.0.0.3; };
};
};
// All others resolve to
view "PassThru-auth" {
//This should match our own forward requests.
match-clients { me-auth ; } ;
allow-recursion { me-auth ; } ;
zone "." {
type master;
file "root.hint.auth";
};
};
view "Hub" {
// This should match our Hub network.
match-clients { hub ; } ;
allow-recursion { hub ; } ;
// The file /var/named/zones.common is where to add
// DNS zones that the clients can lookup
include "zones.common";
include "zones.hub";
// This forwards all others requests to us at PassThru-hub.
zone "." {
type forward;
forwarders { 127.0.0.4; };
};
};
// All others resolve to
view "PassThru-hub" {
//This should match our own forward requests.
match-clients { me-hub ; } ;
allow-recursion { me-hub ; } ;
zone "." {
type master;
file "root.hint.hub";
};
};
view "VPN" {
// This should match our VPN network.
match-clients { vpn ; } ;
allow-recursion { vpn ; } ;
// The file /var/named/zones.common is where to add
// DNS zones that the clients can lookup
include "zones.common";
include "zones.vpn";
// This forwards all others requests to us at PassThru-vpn.
zone "." {
type forward;
forwarders { 127.0.0.5; };
};
};
// All others resolve to
view "PassThru-VPN" {
//This should match our own forward requests.
match-clients { me-vpn ; } ;
allow-recursion { me-vpn ; } ;
zone "." {
type master;
file "root.hint.vpn";
};
};
//view "deadend" {
// // This should match our deadend network.
// allow-recursion { deadend; };
// match-clients { deadend; };
//
//
// // The file /var/named/zones.common is where to add
// // DNS zones that the clients can lookup
// include "zones.common";
// include "zones.de";
//
// // This forwards all others requests to us at PassThru-vpn.
// zone "." {
// type forward;
// forwarders { 127.0.0.6; };
// };
//};
//
// // All others resolve to
//view "PassThru-deadend" {
// //This should match our own forward requests.
// match-clients { me-de; };
// zone "." {
// type master;
// file "root.hint.de";
// };
//};
view "Isol" {
// This should match our Isolation network.
match-clients { isol ; } ;
allow-recursion { isol ; } ;
// The file /var/named/zones.common is where to add
// DNS zones that the clients can lookup
include "zones.common";
include "zones.isol";
// This forwards all others requests to us at PassThru-isol.
zone "." {
type forward;
forwarders { 127.0.0.6; };
};
};
// All others resolve to
view "PassThru-isol" {
//This should match our own forward requests.
match-clients { me-isol ; } ;
allow-recursion { me-isol ; } ;
zone "." {
type master;
file "root.hint.isol";
};
};