add "how to use" and "tips"
This commit is contained in:
parent
146fe260c6
commit
2caa2a9a2d
89
README.md
89
README.md
|
|
@ -4,3 +4,92 @@
|
|||
* git clone
|
||||
* Run 'rndc-confgen | grep '^key "rndc-key" {' -A3 > rndc.key'
|
||||
* Restart bind service
|
||||
|
||||
## How to use :
|
||||
|
||||
The repository is thought like this:
|
||||
|
||||
```
|
||||
.
|
||||
├── named.conf # default file, have only include
|
||||
├── named.conf.keys # have all TSIG keys and rndc config
|
||||
├── named.conf.options # have all bind options
|
||||
├── named.conf.view # have all views options
|
||||
├── views
|
||||
│ ├── local.conf # have all zones options of the "local" view
|
||||
│ └── public.conf # have all zones options of the "public" view
|
||||
└── zones
|
||||
├── local # directory with all zones records of the "local" view
|
||||
└── public # directory with all zones records of the "public" view
|
||||
|
||||
```
|
||||
|
||||
and to add zone, for exemple in local view, you have to add this in the **views/local.conf** file :
|
||||
|
||||
```
|
||||
zone "exemple.com" {
|
||||
type master;
|
||||
file "/etc/bind/zones/local/exemple.com.conf";
|
||||
};
|
||||
```
|
||||
|
||||
then add **zones/local/exemple.com.conf** file with all your records like this :
|
||||
|
||||
```
|
||||
$ORIGIN example.com.
|
||||
$TTL 86400
|
||||
@ SOA dns1.example.com. hostmaster.example.com. (
|
||||
2001062501 ; serial
|
||||
21600 ; refresh after 6 hours
|
||||
3600 ; retry after 1 hour
|
||||
604800 ; expire after 1 week
|
||||
86400 ) ; minimum TTL of 1 day
|
||||
;
|
||||
;
|
||||
NS dns1.example.com.
|
||||
NS dns2.example.com.
|
||||
dns1 A 10.0.1.1
|
||||
AAAA aaaa:bbbb::1
|
||||
dns2 A 10.0.1.2
|
||||
AAAA aaaa:bbbb::2
|
||||
;
|
||||
;
|
||||
@ MX 10 mail.example.com.
|
||||
MX 20 mail2.example.com.
|
||||
mail A 10.0.1.5
|
||||
AAAA aaaa:bbbb::5
|
||||
mail2 A 10.0.1.6
|
||||
AAAA aaaa:bbbb::6
|
||||
;
|
||||
;
|
||||
; This sample zone file illustrates sharing the same IP addresses for multiple services:
|
||||
;
|
||||
services A 10.0.1.10
|
||||
AAAA aaaa:bbbb::10
|
||||
A 10.0.1.11
|
||||
AAAA aaaa:bbbb::11
|
||||
|
||||
ftp CNAME services.example.com.
|
||||
www CNAME services.example.com.
|
||||
```
|
||||
|
||||
|
||||
### Tips :
|
||||
|
||||
|
||||
#### Create TSIG key :
|
||||
|
||||
To create TSIG key, you have to create a shared base64 data like this :
|
||||
|
||||
```
|
||||
echo $(date) | openssl base64
|
||||
```
|
||||
|
||||
and add the following in the **named.conf.keys** file
|
||||
|
||||
```
|
||||
key "key-name" {
|
||||
algorithm hmac-sha256;
|
||||
secret "< YOUR BASE64 >";
|
||||
};
|
||||
```
|
||||
Loading…
Reference in New Issue