{{page>:menu}}

====== BIND ======

  * download: http://www.isc.org/products/BIND/

===== Installation =====

<code>
./configure --prefix=/usr/local/bind
make clean
make
make install
</code>

===== Configuration =====

  * check the settings in ''/etc/nsswitch.conf'' and ''/etc/resolv.conf''
  * manual: [[http://www.die.net/doc/linux/man/man5/named.conf.5.html|named.conf]], [[http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-bind-namedconf.html|RedHat]]

==== named.conf ====

<code>
options {
    directory "/var";                     # main directory
    listen-on port 53 { ip.ad.re.sa; };   # placeholder: the server's IP address
    forward only;                         # forward only
    forwarders {                          # to these machines
        192.168.20.200;
        192.168.20.55;
        193.85.1.12;
        193.85.3.50;
    };
};

# remote (and local) RNDC connection for remote DNS administration
include "/etc/rndc.key";                  # key
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndc-key; };
};

logging {
    channel default_syslog {
        // most messages are sent to syslog
        syslog local2;
        severity debug;
    };
    channel audit_log {
        file "/var/log/named.log";
        severity debug;
        print-time yes;
    };
    category default      { default_syslog; };
    category general      { default_syslog; };
    category security     { audit_log; default_syslog; };
    category config       { default_syslog; };
    category resolver     { audit_log; };
    category xfer-in      { audit_log; };
    category xfer-out     { audit_log; };
    category notify       { audit_log; };
    category client       { audit_log; };
    category network      { audit_log; };
    category update       { audit_log; };
    category queries      { audit_log; };
    category lame-servers { audit_log; };
};

# Zones - helper (hint) server - must always be present!
zone "." {
    type hint;
    file "named.root";
};

zone "0.0.127.in-addr.arpa" {
    type master;
    file "named.local";                   # download from the net, page 269
};
</code>

  * it is a good idea to run named chrooted

==== db.zone ====

<code>
$TTL 1w
@       IN SOA  okrnet.loc. root.okrnet.loc. (
                2005051503  ; Serial number
                10800       ; Refresh
                1800        ; Retry
                604800      ; Expire on DNS 2
                900 )       ; Minimum (negative-caching TTL)
        IN NS   server.okrnet.loc.
        IN MX   10 mail.okrnet.loc.

server  IN A      10.10.10.1
mail    IN CNAME  server
pop3    IN CNAME  server
smtp    IN CNAME  server
www     IN CNAME  server
ns      IN CNAME  server
dns     IN CNAME  server
proxy   IN CNAME  server
gw      IN CNAME  server
</code>

==== db.rev ====

<code>
$TTL 1w
@       IN SOA  10.in-addr.arpa. root.okrnet.loc. (
                2005051504  ; Serial number
                10800       ; Refresh
                1800        ; Retry
                604800      ; Expire on DNS 2
                900 )       ; Minimum (negative-caching TTL)
        IN NS   server.okrnet.loc.

253.20.10  IN PTR  ovislink.okrnet.loc.
1.10.10    IN PTR  server.okrnet.loc.
</code>

===== Running =====

  * it is a good idea to run BIND [[http://www.losurs.org/docs/howto/Chroot-BIND.html|chrooted]]
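A forward/reverse consistency check for the db.zone and db.rev records above, as an added example that is not part of the original page. It assumes db.zone is loaded with origin ''okrnet.loc.'' and db.rev with origin ''10.in-addr.arpa.'' (the page shows no zone statements for them); the function names are hypothetical and the parser only handles simple one-line records.

```python
# Added example: forward/reverse consistency check for the zone data above.
# Assumption: db.zone has origin okrnet.loc. and db.rev has origin
# 10.in-addr.arpa. (the page does not show the zone statements).
import ipaddress

# Records copied from the page's db.zone / db.rev (CNAME list shortened).
DB_ZONE = """\
server  IN A      10.10.10.1
mail    IN CNAME  server
www     IN CNAME  server
"""
DB_REV = """\
253.20.10  IN PTR  ovislink.okrnet.loc.
1.10.10    IN PTR  server.okrnet.loc.
"""

def fqdn(name, origin):
    """Expand a relative owner or target name against the zone origin."""
    return name.lower() if name.endswith(".") else f"{name}.{origin}".lower()

def records(text, origin, rtype):
    """Yield (owner, rdata) for one-line 'owner IN TYPE rdata' records."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop zone-file comments
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == rtype:
            yield fqdn(fields[0], origin), fields[3]

def check(zone_text, rev_text, zone_origin="okrnet.loc.", rev_origin="10.in-addr.arpa."):
    """Return a sorted list of A/PTR records that lack a matching counterpart."""
    a = {name: ipaddress.ip_address(ip) for name, ip in records(zone_text, zone_origin, "A")}
    ptr = {}
    for owner, target in records(rev_text, rev_origin, "PTR"):
        # 1.10.10.10.in-addr.arpa. -> labels reversed -> 10.10.10.1
        labels = owner[: -len(".in-addr.arpa.")].split(".")
        ptr[ipaddress.ip_address(".".join(reversed(labels)))] = fqdn(target, rev_origin)
    problems = []
    for ip, target in ptr.items():
        if a.get(target) != ip:
            problems.append(f"PTR {ip} -> {target}: no matching A record")
    for name, ip in a.items():
        if ptr.get(ip) != name:
            problems.append(f"A {name} -> {ip}: no matching PTR record")
    return sorted(problems)

if __name__ == "__main__":
    for line in check(DB_ZONE, DB_REV):
        print(line)
```

On the page's data this reports the ''ovislink'' PTR, which has no A record in db.zone; mismatches like this matter wherever logs or access rules rely on reverse lookups.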