## How to deploy : * Delete all /etc/bind/ directory * git clone * Run ```rndc-confgen | grep '^key "rndc-key" {' -A3 > rndc.key``` * Restart bind service ## How to use : This configuration template is for Bind 9.10.3 in Debian 9. You can find the official configuration [here](https://ftp.isc.org/isc/bind9/9.10.3/doc/arm/Bv9ARM.ch06.html) The repository is thought like this: ``` . ├── named.conf # default file, have only include ├── named.conf.keys # have all TSIG keys and rndc config ├── named.conf.options # have all bind options ├── named.conf.view # have all views options ├── keys # directory with all DNSSEC keys ├── views │   ├── local.conf # have all zones options of the "local" view │   └── public.conf # have all zones options of the "public" view └── zones ├── local # directory with all zones records of the "local" view └── public # directory with all zones records of the "public" view ``` and to add zone, for exemple in local view, you have to add this in the **views/local.conf** file : ``` zone "exemple.com" { type master; file "/etc/bind/zones/local/exemple.com.conf"; }; ``` then add **zones/local/exemple.com.conf** file with all your records like this : ``` $ORIGIN example.com. $TTL 3600 @ SOA dns1.example.com. hostmaster.example.com. ( 2019010101 ; serial 86400 ; refresh 7200 ; retry 3600000 ; expire 172800 ) ; minimum TTL ; ; @ NS dns1.example.com. @ NS dns2.example.com. dns1 A 10.0.1.1 dns1 AAAA aaaa:bbbb::1 dns2 A 10.0.1.2 dns2 AAAA aaaa:bbbb::2 ; ; @ MX 10 mail.example.com. @ MX 20 mail2.example.com. mail A 10.0.1.5 mail AAAA aaaa:bbbb::5 mail2 A 10.0.1.6 mail2 AAAA aaaa:bbbb::6 ; ; @ A 10.0.1.7 @ AAAA aaaa:bbbb::7 services A 10.0.1.10 services AAAA aaaa:bbbb::10 ftp CNAME services.example.com. www CNAME services.example.com. ``` ### Tips : #### Create TSIG key : To create TSIG key, you have to create a shared base64 data like this : ``` echo $(date) | openssl base64 ``` and add the following in the **named.conf.keys** file ``` key "key-name" { algorithm hmac-sha256; secret "< YOUR BASE64 >"; }; ```