## How to deploy:

* Delete the whole /etc/bind/ directory
* git clone
* Run `rndc-confgen | grep '^key "rndc-key" {' -A3 > rndc.key`
* Restart the bind service

## How to use:

The repository is organized like this:

```
.
├── named.conf              # default file, contains only includes
├── named.conf.keys         # all TSIG keys and the rndc config
├── named.conf.options      # all bind options
├── named.conf.view         # all view options
├── keys                    # directory with all DNSSEC keys
├── views
│   ├── local.conf          # all zone options of the "local" view
│   └── public.conf         # all zone options of the "public" view
└── zones
    ├── local               # directory with all zone records of the "local" view
    └── public              # directory with all zone records of the "public" view
```

To add a zone, for example in the local view, add this to the **views/local.conf** file:

```
zone "example.com" {
    type master;
    file "/etc/bind/zones/local/example.com.conf";
};
```

Then add the **zones/local/example.com.conf** file with all your records, like this:

```
$ORIGIN example.com.
$TTL 86400
@         SOA   dns1.example.com.  hostmaster.example.com. (
                2001062501 ; serial
                21600      ; refresh after 6 hours
                3600       ; retry after 1 hour
                604800     ; expire after 1 week
                86400 )    ; minimum TTL of 1 day
;
;
          NS    dns1.example.com.
          NS    dns2.example.com.
dns1      A     10.0.1.1
          AAAA  aaaa:bbbb::1
dns2      A     10.0.1.2
          AAAA  aaaa:bbbb::2
;
;
@         MX    10 mail.example.com.
          MX    20 mail2.example.com.
mail      A     10.0.1.5
          AAAA  aaaa:bbbb::5
mail2     A     10.0.1.6
          AAAA  aaaa:bbbb::6
;
;
; This sample zone file illustrates sharing the same IP addresses for multiple services:
;
services  A     10.0.1.10
          AAAA  aaaa:bbbb::10
          A     10.0.1.11
          AAAA  aaaa:bbbb::11

ftp       CNAME services.example.com.
www       CNAME services.example.com.
```

### Tips:

#### Create TSIG key:

To create a TSIG key, you have to create shared base64 data like this:

```
echo $(date) | openssl base64
```

and add the following to the **named.conf.keys** file:

```
key "key-name" {
    algorithm hmac-sha256;
    secret "< YOUR BASE64 >";
};
```
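
A secret built from `date` can be guessed by anyone who knows roughly when the key was created, so this added example (not part of the repository) draws 32 bytes from `/dev/urandom` instead and appends the resulting stanza to a keys file. The function names, the key name `transfer-key` and the 0640 file mode are assumptions; BIND's own `tsig-keygen` tool prints an equivalent stanza.

```shell
#!/bin/sh
# Added example, not from the repository. Function names are hypothetical.

# tsig_secret: 32 bytes from the kernel CSPRNG as one base64 line (44 chars).
tsig_secret() {
    head -c 32 /dev/urandom | base64 | tr -d '\n'
}

# valid_key_name: allow only characters that cannot break out of the quotes.
valid_key_name() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# tsig_stanza NAME: print a key block in the format named.conf.keys uses.
tsig_stanza() {
    valid_key_name "$1" || { echo "invalid key name: $1" >&2; return 1; }
    printf 'key "%s" {\n    algorithm hmac-sha256;\n    secret "%s";\n};\n' \
        "$1" "$(tsig_secret)"
}

# append_key NAME FILE: add the stanza unless NAME is already defined in FILE.
append_key() {
    if [ -f "$2" ] && grep -qF "key \"$1\" {" "$2"; then
        echo "key $1 already present in $2" >&2
        return 1
    fi
    stanza=$(tsig_stanza "$1") || return 1
    # Create/extend the file without world access; mode 0640 is an assumption
    # (owner root, group of the named process; ownership is not changed here).
    ( umask 027; printf '%s\n' "$stanza" >> "$2" ) || return 1
    chmod 640 "$2"
}

# Usage: append_key transfer-key /etc/bind/named.conf.keys
```

The same secret has to be configured on the peer that shares the key, so copy it over a channel you trust rather than regenerating it there.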