Pseudo second level domain von Basics zu DNSEC: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 17: | Zeile 17: | ||
listen-on { any; }; | listen-on { any; }; | ||
}; | }; | ||
| + | ==/etc/bind/named.conf.local== | ||
| + | <pre> | ||
| + | //Standardmässig leer | ||
| + | //Hier werden die sogenanten Zonen angelegt. | ||
| + | zone "it2XX.int" { | ||
| + | type master; | ||
| + | file "it2XX.int.signed"; | ||
| + | }; | ||
| + | zone "2XX.88.10.in-addr.arpa" { | ||
| + | type master; | ||
| + | file "2XX.88.10.in-addr.arpa"; | ||
| + | }; | ||
| + | </pre> | ||
Version vom 2. Juni 2026, 14:27 Uhr
Trust Anker einfügen
- cd /etc/bind/
- wget http://192.168.X.88/trust-anchors.conf
- echo 'include "/etc/bind/trust-anchors.conf";' >> named.conf
/etc/bind/named.conf.options
Berechtigungen und Einschränkungen
options {
directory "/var/cache/bind";
forwarders { <DNSGW>; };
allow-query { 0.0.0.0/0; };
allow-recursion { 10.88.2XX.0/24; 172.26.2XX.0/24; 10.2XX.1.0/24; 172.20.2XX.0; 127.0.0.1; };
allow-transfer {127.0.0.1; };
dnssec-validation yes;
empty-zones-enable no;
listen-on-v6 { none; };
listen-on { any; };
};
==/etc/bind/named.conf.local==
<pre>
//Standardmässig leer
//Hier werden die sogenanten Zonen angelegt.
zone "it2XX.int" {
type master;
file "it2XX.int.signed";
};
zone "2XX.88.10.in-addr.arpa" {
type master;
file "2XX.88.10.in-addr.arpa";
};