====== Configuration DNS ======
Configuration du service DNS sur RHEL/CentOS 6.
===== Installation =====
Les paquets suivants sont à installer:
* bind
* bind-utils
* bind-libs
* bind-chroot
===== Configuration =====
Les fichiers de configuration avec bind chrooté se trouvent dans ///var/named/chroot/etc//.
===== Fichier de configuration named.conf =====
Il s'agit du fichier principal de configuration, le premier à être lu.
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// Global server options. The access lists set here apply to every zone that
// does not override them in its own zone statement.
options {
// Serve DNS on this single IPv4 address only, port 53.
listen-on port 53 { 91.121.61.20; };
// listen-on-v6 port 53 { ::1; };
// Working directory: relative file names used elsewhere in the configuration
// (zone files, log file) are resolved against it.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// allow-query { any; };
// recursion yes;
// Recursive service is restricted to the mes_dns ACL and two literal
// addresses, so arbitrary Internet clients cannot use this server as a
// resolver. mes_dns is declared in the zones file pulled in by the include
// statement at the end of named.conf.
allow-recursion { mes_dns; 127.0.0.1; 94.23.42.209; };
// Hosts in mes_dns may send NOTIFY for slave zones, in addition to the
// masters listed in each slave zone.
allow-notify { mes_dns; };
// Do not disclose the BIND version string to version.bind queries.
version none;
dnssec-enable yes;
// NOTE(review): validation needs a configured trust anchor. No trusted-keys
// or managed-keys statement is visible in this listing; confirm one is
// loaded, otherwise answers are not actually validated.
dnssec-validation yes;
// NOTE(review): lookaside validation depends on the ISC DLV registry, which
// ISC has since retired, and later BIND releases no longer support this
// option. Plan to drop it (and the bindkeys-file below) when migrating.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
// NOTE(review): no global allow-transfer is set. In BIND 9 releases of this
// era the built-in default permits zone transfers to any host, so every zone
// without its own allow-transfer can be copied in full by anyone. Consider
// adding `allow-transfer { none; };` here and opening transfers per zone.
};
// Logging: only the stock debug channel is redefined here.
// NOTE(review): there are no category statements, so BIND's default routing
// applies. Nothing in this listing sends security or zone-transfer events to
// a dedicated channel; confirm where refused queries and transfers are logged.
logging {
channel default_debug {
// Relative path, resolved against the `directory` option.
file "data/named.run";
// Follow the server's current debug level instead of a fixed severity.
severity dynamic;
};
};
// Root hints: the list of root name servers used as the starting point for
// recursive resolution.
zone "." IN {
type hint;
file "named.ca";
};
// Pulls in the zone file shown in the next section of this page: the local
// RFC 1912 zones, the ACLs used above, and the hosted zones.
include "/etc/named.rfc1912.zones";
===== Fichier de configuration des zones =====
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// Local zones recommended by RFC 1912: localhost names, the IPv4 and IPv6
// loopback reverse zones, and the 0.in-addr.arpa reverse zone. Serving them
// locally keeps these lookups from being forwarded to the Internet.
// Dynamic updates are refused for all of them.
zone "localhost.localdomain" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none; };
};
// Reverse zone for the IPv6 loopback address ::1.
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
// Reverse zone for the IPv4 loopback address 127.0.0.1.
zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
// Address lists referenced by the access-control statements of this
// configuration.
// NOTE(review): these ACLs authorize peers by source IP address only. No
// `key` statement is visible in this listing, so transfers and NOTIFY are not
// TSIG-authenticated; consider adding TSIG keys for the secondaries.

// Secondary name servers allowed to transfer the master zones below.
acl dns_secondaires {
89.80.161.232;
87.89.143.135;
217.70.177.40;
94.23.42.209;
};
// Whole /24 granted transfer rights; in this listing it is used only by the
// entoutesaison.fr zone.
acl dns_bookmyname {
88.191.249.0/24;
};
// Used by allow-recursion and allow-notify in the options block of named.conf.
acl mes_dns {
89.80.161.232;
};
// Master zones with explicit access control: dynamic updates are refused and
// full zone transfers (AXFR/IXFR) are limited to the dns_secondaires ACL.
// Zone file paths are relative to the `directory` option of named.conf.
zone "linuxed.net" IN {
type master;
file "masters/linuxed.net.zone";
allow-update { none; };
allow-transfer { dns_secondaires; };
};
zone "ouam.fr" IN {
type master;
file "masters/ouam.fr.zone";
allow-update { none; };
allow-transfer { dns_secondaires; };
};
zone "zoneperso.com" IN {
type master;
file "masters/zoneperso.com.zone";
allow-update { none; };
allow-transfer { dns_secondaires; };
};
// Slave zone: the content is pulled from the master at 82.234.6.243 and
// stored under slaves/.
// NOTE(review): this zone has no allow-transfer and the options block sets
// none either, so it falls back to the built-in default, which in BIND 9
// releases of this era permits transfers to any host. If no other server
// pulls this zone from here, add `allow-transfer { none; };`; otherwise list
// the ACL of the servers that do.
// NOTE(review): the master is identified by IP address only; no TSIG key is
// attached to the masters list in this listing.
zone "chezsib.fr" IN {
type slave;
file "slaves/chezsib.fr.zone";
masters { 82.234.6.243; };
};
// Disabled slave zone, kept for reference. The same allow-transfer remark
// applies if it is re-enabled.
//zone "sibanac.net" IN {
// type slave;
// file "slaves/sibanac.net.zone";
// masters { 82.234.6.243; };
//};
// Master zones whose transfers are limited to the dns_secondaires ACL.
// NOTE(review): unlike the other master zones in this file, these carry no
// `allow-update { none; };`. BIND refuses dynamic updates by default, so the
// effective behaviour should be the same; adding the statement would make the
// intent explicit and keep the file consistent.
zone "coubronne.com" IN {
type master;
file "masters/coubronne.com.zone";
allow-transfer { dns_secondaires; };
};
zone "applitunes.com" IN {
type master;
file "masters/applitunes.com.zone";
allow-transfer { dns_secondaires; };
};
zone "conflict-crew.com" IN {
type master;
file "masters/conflict-crew.com.zone";
allow-transfer { dns_secondaires; };
};
zone "mobeez.net" IN {
type master;
file "masters/mobeez.net.zone";
allow-transfer { dns_secondaires; };
};
zone "mobeez.fr" IN {
type master;
file "masters/mobeez.fr.zone";
allow-transfer { dns_secondaires; };
};
zone "easytravian.com" IN {
type master;
file "masters/easytravian.com.zone";
allow-transfer { dns_secondaires; };
};
// Master zone that can also be transferred by the registrar range: every
// address in dns_bookmyname (a /24) may pull it, in addition to
// dns_secondaires. Dynamic updates are refused.
zone "entoutesaison.fr" IN {
type master;
file "masters/entoutesaison.fr.zone";
allow-update { none; };
allow-transfer { dns_secondaires; dns_bookmyname; };
};
// Master zone with dynamic updates refused and transfers limited to
// dns_secondaires.
zone "linuxed.42" IN {
type master;
file "masters/linuxed.42.zone";
allow-update { none; };
allow-transfer { dns_secondaires; };
};
====== Tests DNS ======
Pour tester une résolution:
dig @ip_serveur nom_a_resoudre
Avec plus d'information:
dig @ip_serveur nom_a_resoudre +trace
Ou pour un champ spécifique:
dig @ip_serveur zone NS
dig @ip_serveur zone MX