Is this the correct way to set up 1 domain in BIND?

wallsfd949

Apr 14, 2003
I am working on running my own DNS server. Is this the correct way to set up BIND for a single domain? Anything I should do differently? I have a CNAME set up to point offsite.mynewdomain.com to a completely different site; is this acceptable?


*** sorry, no nice way to attach code (probably a forum software bug)




named.conf
cat named.conf
options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
};

//
// a caching only nameserver config
//
zone "." IN {
    type hint;
    file "caching-example/named.ca";
};

zone "localhost" IN {
    type master;
    file "caching-example/localhost.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "caching-example/named.local";
    allow-update { none; };
};

// All zones go here below

zone "mynewsite.com" IN {
    type master;
    file "db.mynewsite.com";
    allow-update { none; };
};


db.mynewsite.com
/var/named# cat db.mynewsite.com

$TTL 86400

@               IN SOA  mynewsite.com. root.mynewsite.com. (
                        1999100502 ; serial
                        8H         ; refresh
                        2H         ; retry
                        4W         ; expire
                        1D         ; default_ttl
                        )
                NS      ns1.mynewsite.com.
                NS      ns2.mynewsite.com.
                MX      10 mail.mynewsite.com.
                TXT     "Some general info about mynewsite here"

fred            A       161.135.90.24
bill            A       135.161.90.25

mynewsite.com.  A       161.135.90.24
ns1             A       161.135.90.24
ns2             A       135.161.90.25
mail            A       135.161.90.25

www             CNAME   fred

dev             CNAME   bill
outside         CNAME   www.ousite-site.com.
 

Nothinman

Sep 14, 2001
You have no reverse lookup zone, but the offsite CNAME should be fine; I just tested here with bind9 and it worked.
 

wallsfd949

Apr 14, 2003
As new as I am to BIND, what is the "$TTL 86400", what are the different values it can be, and why is it set that way?

 

cleverhandle

Dec 17, 2001
Yup, looks basically good. I've never used the "IN" in the named.conf zone statements - is that a new thing? Perhaps because you're not specifying IN for each line?

Some other things to think about... you're probably going to want a secondary DNS service like zoneedit or granitecanyon, so you'll want an "allow-transfer" statement in named.conf. Also, you'll find that default BIND can quickly fill up your logs with pointless "lame server" messages. You can disable those with a section at the end of named.conf like this...

/* Ignore lame-server messages */
logging {
    category lame-servers { "null"; };
    category "unmatched" { "null"; };
    category "default" { "default_syslog"; "default_debug"; };
};
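
One way to audit a named.conf for the missing "allow-transfer" statement mentioned above, as an added example that is not part of cleverhandle's post or the original poster's configuration. It assumes a BIND version in which a master zone with no allow-transfer answers zone transfer requests from any host; the example.net zone, the 192.0.2.53 secondary address and the function names are hypothetical.

```python
import re

# Constructed sample: the thread's named.conf (trimmed) plus one hypothetical
# zone, "example.net", limited to a documentation-range secondary 192.0.2.53.
SAMPLE_CONF = '''
options { directory "/var/named"; };   // no global allow-transfer
zone "." IN { type hint; file "caching-example/named.ca"; };
zone "mynewsite.com" IN { type master; file "db.mynewsite.com"; allow-update { none; }; };
zone "example.net" IN { type master; file "db.example.net";
    allow-transfer { 192.0.2.53; }; };   /* secondary only */
'''
COMMENT = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
ACL = re.compile(r'allow-transfer\s*\{([^}]*)\}')

def top_level_blocks(text):
    """Yield (header, body) for each top-level `header { body };` statement."""
    depth, start = 0, 0
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                header, body_start = text[start:i].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, text[body_start:i]
        elif ch == ';' and depth == 0:
            start = i + 1

def transfer_acl(body):
    """Entries of the block's allow-transfer list, or None if it has none."""
    m = ACL.search(body)
    return [e.strip() for e in m.group(1).split(';') if e.strip()] if m else None

def zones_open_to_transfer(conf):
    """Master zones whose effective allow-transfer is unset or contains 'any'."""
    blocks = list(top_level_blocks(COMMENT.sub('', conf)))
    default = next((transfer_acl(b) for h, b in blocks if h == 'options'), None)
    flagged = []
    for header, body in blocks:
        name = re.match(r'zone\s+"([^"]+)"', header)
        if name and re.search(r'\btype\s+(master|primary)\s*;', body):
            acl = transfer_acl(body)
            acl = default if acl is None else acl   # zone setting overrides options
            if acl is None or 'any' in acl:
                flagged.append(name.group(1))
    return flagged
```

On the sample it flags only mynewsite.com; a global `allow-transfer { none; };` in the options block, or a per-zone list naming the secondary's address, clears the finding.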