BIND ACL to restrict zone transfer with IP address

You need to define an ACL in the /etc/named.conf or /etc/bind/named.conf.local file. Let us say IP and are allowed to transfer your zones.

# vi named.conf or vi /etc/bind/named.conf.local

Here is sample entry for domain (ns1 configuration):

acl trusted-servers {
 ; //ns1
 ; //ns2
};

zone "" {
 type master;
 file "/var/lib/bind/";
 also-notify { ; };
 notify yes;
 allow-transfer { trusted-servers; };
};
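
A check that complements the ACL above, as an added example that is not part of the original post: a short Python audit that reads named.conf text and reports, for each master zone, whether allow-transfer is restricted, open to any, or unset. The sample config, its documentation-range addresses and the example.* zone names are constructed for illustration.

```python
import re

# Constructed sample: documentation-range addresses and placeholder zone names.
SAMPLE = '''
acl trusted-servers {
    192.0.2.10;     // ns1
    198.51.100.20;  // ns2
};
zone "example.com" {
    type master;
    file "/var/lib/bind/example.com.hosts";
    also-notify { 198.51.100.20; };
    allow-transfer { trusted-servers; };
};
zone "example.net" {
    type master;
    allow-transfer { any; };
};
zone "example.org" {
    type master;
};
'''

BLOCK = r'\{((?:[^{}]|\{[^{}]*\})*)\}\s*;'   # body with one level of nested braces

def items(body):
    """Split an address-match list body into its ';'-terminated elements."""
    return [e.strip() for e in body.split(';') if e.strip()]

def audit_transfers(conf):
    """Map each master zone to 'restricted', 'open' or 'unset'."""
    conf = re.sub(r'/\*.*?\*/|(//|#)[^\n]*', '', conf, flags=re.S)  # drop comments
    acls = {n: items(b) for n, b in re.findall(r'\bacl\s+"?([\w.-]+)"?\s*' + BLOCK, conf)}
    report = {}
    for zone, body in re.findall(r'\bzone\s+"([^"]+)"[^{;]*' + BLOCK, conf):
        if not re.search(r'\btype\s+(master|primary)\b', body):
            continue                    # only zones this server can serve as master
        m = re.search(r'\ballow-transfer\s*\{([^{}]*)\}', body)
        if m is None:
            report[zone] = 'unset'      # falls back to options-level/default policy
            continue
        allowed = []
        for e in items(m.group(1)):     # expand named ACLs one level
            allowed.extend(acls.get(e, [e]))
        report[zone] = 'open' if 'any' in allowed else 'restricted'
    return report

if __name__ == '__main__':
    print(audit_transfers(SAMPLE))
```

Zones reported as unset deserve a manual look at the options block, since that is where their transfer policy comes from. Running the audit on the output of named-checkconf -p lets it see included files as well.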



Publishing long domain key SPF TXT records in bind9

If BIND throws an error on long TXT data, you can concatenate it as follows. You are using commas to separate the key/value pairs in your record instead of semicolons. Change it to:

a9d04665528b593d263a6e5256648c99._domainkey IN 1800 TXT (



List all DNS records from a Nameserver using nslookup

How to list all records below some domain name.

Usually it’s done from interactive nslookup mode, not from batch mode:

nslookup - your_dns_server
>set q=any
>ls -d

Listing may be prohibited by the administrator or by firewall settings; in that case you get empty output or ‘not implemented’ errors.

To get all records of the domain name itself, run the following on Windows:

nslookup -"set q=all"


nslookup -q=any

Fixing Bind for Webmin

First get rid of bind-chroot (if it is installed!)

yum -y remove bind-chroot

Edit /etc/sysconfig/named and remove or comment out any lines that look like ROOTDIR="/var/named/chroot"

Fix the owner of /etc/named.conf with

chown named:named /etc/named.conf

In Webmin go to Servers > Bind DNS Server > Module Config and check the following configs