Bind DNS Auto Slave Using Webmin

The latest Webmin has a bug! In this tutorial I’m using Webmin version 1.801, which actually works. I don’t know if the Webmin team is really aware of the bug 🙁

So, let’s start. But before that, it’s assumed that you have webmin installed in both the servers.

Configuring Webmin Server

BIND ACL to restrict zone transfer with IP address

You need to define an ACL in the /etc/named.conf or /etc/bind/named.conf.local file. Let us say the IPs 1.2.3.4 and 1.2.3.5 are allowed to transfer your zones.

# vi /etc/named.conf or vi /etc/bind/named.conf.local

Here is a sample entry for the domain domain.org.bd (ns1 configuration):

acl trusted-servers {
    1.2.3.4; //ns1
    1.2.3.5; //ns2
};

zone "domain.org.bd" {
    type master;
    file "/var/lib/bind/domain.org.bd.hosts";
    also-notify {
        1.2.3.5;
    };
    notify yes;
    allow-transfer { trusted-servers; };
};
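
An added example, not from the original post: a small Python check that reads named.conf text and reports, for each master zone, whether allow-transfer is unset, open to any, or restricted to the addresses its ACL expands to. The zones open.example and unset.example and all function names are constructed for illustration; options-level settings are not evaluated.

```python
import re

# Constructed sample: the zone from the page plus two hypothetical zones for contrast.
SAMPLE_CONF = '''
acl trusted-servers {
    1.2.3.4; //ns1
    1.2.3.5; //ns2
};
zone "domain.org.bd" {
    type master;
    also-notify { 1.2.3.5; };
    allow-transfer { trusted-servers; };
};
zone "open.example" { type master; allow-transfer { any; }; };
zone "unset.example" { type master; file "/var/lib/bind/unset.example.hosts"; };
'''

def body_at(text, start):
    """Return the text between the first '{' at or after start and its matching '}'."""
    i = text.index('{', start)
    depth = 0
    for j in range(i, len(text)):
        depth += {'{': 1, '}': -1}.get(text[j], 0)
        if depth == 0:
            return text[i + 1:j]
    raise ValueError('unbalanced braces')

def elements(body):
    """Split an address-match list into its entries."""
    return [e.strip() for e in body.split(';') if e.strip()]

def audit(conf):
    """Map each master zone to 'unset', 'open' or 'restricted: <addresses>'."""
    # Drop /* */, // and # comments (assumes no such sequences inside quoted strings).
    conf = re.sub(r'/\*.*?\*/|(//|#)[^\n]*', '', conf, flags=re.S)
    acls = {m.group(1): elements(body_at(conf, m.end()))
            for m in re.finditer(r'\bacl\s+"?([\w.-]+)"?', conf)}
    report = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"', conf):
        body = body_at(conf, m.end())
        if not re.search(r'\btype\s+(master|primary)\s*;', body):
            continue  # only zones this server is the transfer source for
        at = re.search(r'\ballow-transfer\b', body)
        if at is None:
            report[m.group(1)] = 'unset'  # falls back to options-level setting or BIND default
            continue
        allowed = [a for e in elements(body_at(body, at.end())) for a in acls.get(e, [e])]
        report[m.group(1)] = 'open' if 'any' in allowed else 'restricted: ' + ', '.join(allowed)
    return report

if __name__ == '__main__':
    for zone, status in audit(SAMPLE_CONF).items():
        print(f'{zone}: {status}')
```
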


Publishing long domain key SPF TXT records in bind9

If BIND is throwing an error on long TXT data, you can split the value into several quoted strings inside parentheses, which are concatenated. Also check that you are not using commas to separate the key/value pairs in your record instead of semicolons. Change it to:

a9d04665528b593d263a6e5256648c99._domainkey IN 1800 TXT (
 "k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2/ZfhxSI/A"
 "bqgh0amM8ylrlosirWeKShUhq7fg12aYmRwOqq9hIzO0Fcz1BzfgHVu6HU++rC5"
 "QoUK0JQK/nk4jwkDgvG2di2ZYmAvEbY/VeiK1x/TG0p1Iczr2k6Bj0gEAb/YGD2"
 "YbwrwAi4bDXwoPsYuuNn9TB3jjyWKu/dvOsqhff1/4Wc+FkOi0ClvgrXiklN28X"
 "TLjyjSyU794ntIoegXxrfwcwkhfPMvuqcnhfIC0Z8L71M4WR4SoHyNHVfBtNlUv"
 "VNROiXlMxtxnNQvfViSwz6LC8bYIxeAba3hSXPTChKu3qZtfR0o3jFwEWAfLQdg"
 "Ixler0jMEoAyJmfQIDAQAB")


List all DNS records from a Nameserver using nslookup

Method-1)
How to list all records below some domain name.

Usually this is done from interactive nslookup mode, not from batch mode:

nslookup - your_dns_server
>set q=any
>ls -d domain.name

The ls command requests a zone transfer, so listing may be prohibited by the administrator or by firewall settings; in that case you get empty output or ‘not implemented’ errors.

Method-2)
How to get all records of the domain name itself. In that case, on Windows you need to run:

nslookup -"set q=all" yourdomain.com

On Unix:

nslookup -q=any yourdomain.com

Fixing Bind for Webmin

First, get rid of bind-chroot (if it is installed!):

yum -y remove bind-chroot

Edit /etc/sysconfig/named and remove or comment out any lines that look like ROOTDIR="/var/named/chroot"

Fix the owner of /etc/named.conf with:

chown named:named /etc/named.conf

In Webmin go to Servers > Bind DNS Server > Module Config and check the following configs