License

Copyright (C) 2008-2021 Oliver Bohlen.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.

A copy of the license is included in the section entitled "GNU Free Documentation License".

Introduction

This documentation comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.

Howto: DNS for Gentoo Linux

The goal of this howto is to run your own DNS server (BIND) for your LAN. I use this setup for one zone (domain gabosh.net). Feel free to change the configuration to fit your needs.

If you want to use this solution you need the following howto(s) finished:

Required software

The required software has to be installed with the following command(s):
emerge net-dns/bind
emerge net-dns/bind-tools

Changes in /etc/bind/named.conf

File permissions:
Owner: root
Group: named
Permissions: -rw-r--r--

Download of the complete file: /etc/bind/named.conf

Changed on 07.09.08
Issued by olli
Beginning line 37

Listen on localhost and the LAN, and resolve names this server is not authoritative for (recursion, i.e. Internet name resolution) only for clients in the listed LAN networks. Keep allow-recursion limited to your own address ranges: a server that recurses for arbitrary Internet clients is an open resolver that can be abused for reflection and amplification attacks. The /8 entries in allow-recursion and allow-query are far broader than the LANs named in the comment; narrow them to the networks you actually serve. Zone transfers, dynamic updates and NOTIFY messages are refused entirely.


Before change
        listen-on { 127.0.0.1; };
After change
        // Listen
        listen-on { 127.0.0.1;
                    my.lan.network.ip/16;
                    XXX.XXX.XXX.XXX/16;
                    XXX.XXX.XXX.XXX/24;
        };

        listen-on-v6 { none; };
        // The way to the Internet (only for LAN/WLAN: my.lan.network.ip/24, XXX.XXX.XXX.XXX/24, XXX.XXX.XXX.XXX/24 and XXX.XXX.XXX.XXX/24)
        allow-recursion { XXX.XXX.XXX.XXX/8;
                          my.lan.network.ip/24;
                          XXX.XXX.XXX.XXX/24;
                          XXX.XXX.XXX.XXX/24;
                          XXX.XXX.XXX.XXX/24;
                          XXX.XXX.XXX.XXX/24;
        };
        // Local zones
        allow-query { XXX.XXX.XXX.XXX/8;
                      my.lan.network.ip/16;
                      XXX.XXX.XXX.XXX/16;
                      XXX.XXX.XXX.XXX/24;
        };
        allow-notify { none; };

        allow-transfer {
                /* Zone transfers are denied by default. */
                none;
        };

        allow-update {
                /* Don't allow updates, e.g. via nsupdate. */
                none;
        };
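The access-control lists above decide who may use this server and for what, and the XXX placeholders hide whether the /8 entries are private or public address space. The following is an added example, not part of this howto and not BIND's own tooling: a small Python checker that parses the `name { a; b; };` statements of the options block and flags anything that would turn a LAN resolver into an open resolver (any or non-private space in allow-recursion, public space in allow-transfer or allow-update, a restricted ACL left to BIND's defaults). The two named.conf texts inside it are constructed samples laid out like the file above, with documentation addresses (172.23.0.0/16, 203.0.113.0/24) in place of the placeholders; treating RFC 1918 and unique-local space plus loopback as "the LAN" is an assumption of the example.

```python
"""Lint the access-control lists in a BIND named.conf options block.
Added example for this howto, not part of the page or of BIND.  The two
configs are constructed samples laid out like the howto's file, with
documentation addresses in place of the XXX placeholders."""
import ipaddress
import re
import sys

WEAK_CONF = """\
options {
        listen-on { 127.0.0.1; 172.23.0.0/16; };
        listen-on-v6 { none; };
        // The way to the Internet (only for LAN/WLAN)
        allow-recursion { 10.0.0.0/8; 172.23.0.0/24; 203.0.113.0/24; };
        allow-query { 10.0.0.0/8; 172.23.0.0/16; };
        allow-transfer { /* Zone transfers are denied by default. */ none; };
        allow-update { none; };   # Don't allow updates, e.g. via nsupdate.
};
zone "example.com." IN { type master; file "zones/db.example.com"; };
"""
HARDENED_CONF = """\
options {
        allow-recursion { 127.0.0.1; 172.23.0.0/16; };
        allow-query { 127.0.0.1; 172.23.0.0/16; };
        allow-transfer { none; };
        allow-update { none; };
};
"""
# ACLs that decide who may use this server and for what.
RESTRICTED_ACLS = ("allow-recursion", "allow-query", "allow-transfer", "allow-update")
# Assumption: "our LAN" is RFC 1918 / unique-local space plus loopback.
LAN_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "fc00::/7", "::1/128")]
COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.DOTALL)  # all 3 styles
ACL_RE = re.compile(r"([\w-]+)\s*\{([^}]*)\}\s*;")               # name { a; b; };


def extract_block(text, keyword):
    """Return the brace-balanced body of the first `keyword { ... }` block."""
    start = re.search(r"\b%s\s*\{" % re.escape(keyword), text)
    if start is None:
        raise ValueError("no %s block found" % keyword)
    depth = 0
    for pos in range(start.end() - 1, len(text)):
        if text[pos] == "{":
            depth += 1
        elif text[pos] == "}":
            depth -= 1
            if depth == 0:
                return text[start.end():pos]
    raise ValueError("unbalanced braces in %s block" % keyword)


def parse_option_acls(conf_text):
    """Map every `name { a; b; };` statement in options{} to its elements."""
    body = extract_block(COMMENT_RE.sub("", conf_text), "options")
    return {name: [e.strip() for e in elems.split(";") if e.strip()]
            for name, elems in ACL_RE.findall(body)}


def classify(element):
    """Built-in names pass through; prefixes become 'lan' or 'public';
    anything else (named ACL, key, '!' negation) is 'other' for manual review."""
    if element in ("any", "none", "localhost", "localnets"):
        return element
    try:
        net = ipaddress.ip_network(element, strict=False)
    except ValueError:
        return "other"
    if any(n.version == net.version and net.subnet_of(n) for n in LAN_NETS):
        return "lan"
    return "public"


def audit(acls):
    """Return (severity, acl, detail) findings for the restricted ACLs."""
    findings = []
    for name in RESTRICTED_ACLS:
        if name not in acls:
            findings.append(("medium", name, "not set; BIND's default applies"))
            continue
        for elem in acls[name]:
            kind = classify(elem)
            if kind in ("any", "public"):
                # Public clients may query published zones, but recursion,
                # transfers and updates for the whole world are always wrong.
                sev = "info" if name == "allow-query" else "high"
                findings.append((sev, name, "%s (%s)" % (elem, kind)))
            elif kind == "lan" and ipaddress.ip_network(elem, strict=False).prefixlen <= 8:
                findings.append(("low", name, "%s is far broader than one LAN" % elem))
            elif kind == "other":
                findings.append(("info", name, "%s needs manual review" % elem))
    return findings


if __name__ == "__main__":
    conf = open(sys.argv[1]).read() if len(sys.argv) > 1 else WEAK_CONF
    for sev, acl, detail in audit(parse_option_acls(conf)):
        print("%-6s %-15s %s" % (sev, acl, detail))
```

Run it against the live file with `python3 check_acls.py /etc/bind/named.conf` (the script name is arbitrary). The parser only understands the flat `name { a; b; };` form used in this howto; references to named ACLs, keys or `!` negations are reported for manual review rather than guessed at. If your configuration is split across includes, `named-checkconf -p` prints the merged configuration, which can be fed to the script instead.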



Changed on 24.03.09
Issued by olli
Beginning line 86

Log DNS queries. The channel sends every query to syslog facility local1; the commented-out file alternative would rotate at 1 MB and keep 2 old versions. Query logging produces one line per query, so make sure syslog rotates local1 as well.

logging {
        channel queries {
                #file "/var/log/bind/dns-queries" versions 2 size 1m;
                syslog local1;
                #print-time yes;
        };
        category queries {
                queries;
        };
};
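With queries going to syslog, the lines are easy to mine. The following is an added example, not part of this howto and not BIND's own tooling: a Python scanner over constructed sample lines in the layout BIND 9 writes for the `queries` category. It reports zone-transfer attempts (AXFR/IXFR), recursive queries from outside the LAN for names this server is not authoritative for, and clients repeating ANY queries (a common amplification probe). The LAN prefixes, the list of own zones and the ANY threshold are assumptions chosen to match the configuration in this howto.

```python
"""Scan BIND query-log lines for zone-transfer attempts, recursion from
outside the LAN and ANY-query floods.  Added example for this howto, not
part of the page or of BIND; the log lines are constructed in the layout
BIND 9 uses for the `queries` category."""
import ipaddress
import re
import sys
from collections import Counter

# Assumptions matching the howto: the networks allow-recursion permits and
# the zones this server is master for.
LAN_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "172.23.0.0/16", "172.25.0.0/24")]
OWN_ZONES = ("example.com.", "23.172.in-addr.arpa.", "25.172.in-addr.arpa.")
ANY_THRESHOLD = 3  # repeated ANY queries from one client = amplification probe

# Constructed sample of what syslog local1 receives from the channel above.
# Older BIND versions omit the "@0x..." handle and the "(qname)" field.
SAMPLE_LOG = """\
Sep  7 10:00:01 ns1 named[1234]: client @0x7f1c2c0 172.23.0.42#51324 (www.example.com): query: www.example.com IN A +E(0)K (172.23.0.1)
Sep  7 10:00:02 ns1 named[1234]: client @0x7f1c2c0 172.23.0.42#51325 (wiki.gentoo.org): query: wiki.gentoo.org IN AAAA +E(0) (172.23.0.1)
Sep  7 10:00:05 ns1 named[1234]: client 198.51.100.7#40001: query: example.com IN AXFR -E(0) (203.0.113.5)
Sep  7 10:00:06 ns1 named[1234]: client 198.51.100.7#40002 (isc.org): query: isc.org IN ANY +E(0) (203.0.113.5)
Sep  7 10:00:06 ns1 named[1234]: client 198.51.100.7#40003 (isc.org): query: isc.org IN ANY +E(0) (203.0.113.5)
Sep  7 10:00:07 ns1 named[1234]: client 198.51.100.7#40004 (isc.org): query: isc.org IN ANY +E(0) (203.0.113.5)
Sep  7 10:00:09 ns1 named[1234]: client 198.51.100.7#40005 (example.com): query: example.com IN A -E(0) (203.0.113.5)
"""

QUERY_RE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#(?P<port>\d+)"
    r"(?: \([^)]*\))?: query: (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+)"
    r" (?P<flags>\S+)")


def parse_query(line):
    """Return the query fields of one log line, or None if it is not a query."""
    m = QUERY_RE.search(line)
    if m is None:
        return None
    q = m.groupdict()
    q["qname"] = q["qname"].lower().rstrip(".") + "."   # normalise to an FQDN
    q["rd"] = q["flags"].startswith("+")                # '+' = recursion desired
    return q


def is_lan(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr.version == n.version and addr in n for n in LAN_NETS)


def in_own_zone(qname):
    return any(qname == z or qname.endswith("." + z) for z in OWN_ZONES)


def detect(log_text):
    """Return (rule, client_ip, detail) findings; one ANY finding per client."""
    findings, any_counts = [], Counter()
    for line in log_text.splitlines():
        q = parse_query(line)
        if q is None:
            continue
        ip, qname, qtype = q["ip"], q["qname"], q["qtype"]
        if qtype in ("AXFR", "IXFR"):
            findings.append(("zone-transfer-attempt", ip, "%s %s" % (qtype, qname)))
        if qtype == "ANY":
            any_counts[ip] += 1
        # A recursive query for a foreign name from outside the LAN should be
        # refused by allow-recursion; seeing it at all means someone is probing.
        if q["rd"] and not is_lan(ip) and not in_own_zone(qname):
            findings.append(("recursion-from-outside", ip, qname))
    for ip, count in any_counts.items():
        if count >= ANY_THRESHOLD:
            findings.append(("any-flood", ip, "%d ANY queries" % count))
    return findings


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    for rule, ip, detail in detect(text):
        print("%-24s %-16s %s" % (rule, ip, detail))
```

Point it at the file your syslog writes local1 to, e.g. `python3 dns_query_scan.py /var/log/messages` (the script name is arbitrary). BIND writes the query-log line when the query arrives, before allow-query and allow-recursion are applied, so refused queries appear in the log too; that is what makes the recursion-from-outside rule a check on whether the ACLs are doing their job rather than a count of answered queries.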

Changed on 07.09.08
Issued by olli
Beginning line 130

Zone definitions for some domains


# This is an entry for an LDAP zone. Use this only if you want to use BIND with LDAP.
#zone "example.com" IN {
#        type master;
#        database "ldap ldap://127.0.0.1/dc=example,dc=com 172800";
#        allow-update { none; };
#};

zone "example.com." IN {
        type master;
        file "zones/db.example.com";
        allow-update { none; };
};

zone "XXX.XXX.in-addr.arpa" {
        type master;
        file "zones/db.172.23";
        allow-update { none; };
};

zone "25.172.in-addr.arpa" {
        type master;
        file "zones/db.172.25";
        allow-update { none; };
};

#include "/var/bind/blacklisted.zones";

Changes in /etc/conf.d/named

File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--

Download of the complete file: /etc/conf.d/named

Changed on 02.08.21
Issued by olli
Beginning line 3

IPv4 only: starting named with -4 makes it use IPv4 transport only (matching listen-on-v6 { none; } in named.conf) and prevents "error (network unreachable) resolving ..." log entries on a host without IPv6 connectivity.


Before change
OPTIONS=""
After change
OPTIONS="-4"

Setting up services

To start the new service automatically after a system reboot, add it to the default runlevel with the following command(s):

rc-update add named default

Please send a feedback to: doc<at>gabosh.net
