Copyright (C) 2008-2021 Oliver Bohlen.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
A copy of the license is included in the section entitled "GNU Free Documentation License".
This documentation comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.
The goal of this howto is to run your own DNS server. I use this setup for one zone (domain gabosh.net). Feel free to change the configuration to fit your needs.
If you want to use this solution you need the following howto(s) finished:
emerge net-dns/bind
emerge net-dns/bind-tools
File permissions:
Owner: root
Group: named
Permissions: -rw-r--r--
Complete file: /etc/bind/named.conf
Changed on 07.09.08
Listen on localhost and the LAN and forward requests if they are not known by this DNS (for internet name resolution).

Before change:
listen-on { 127.0.0.1; };

After change:
// Listen
listen-on { 127.0.0.1; my.lan.network.ip/16; XXX.XXX.XXX.XXX/16; XXX.XXX.XXX.XXX/24; };
listen-on-v6 { none; };

// The way to the Internet (only for LAN/WLAN: my.lan.network.ip/24, XXX.XXX.XXX.XXX/24, XXX.XXX.XXX.XXX/24 and XXX.XXX.XXX.XXX/24)
allow-recursion { XXX.XXX.XXX.XXX/8; my.lan.network.ip/24; XXX.XXX.XXX.XXX/24; XXX.XXX.XXX.XXX/24; XXX.XXX.XXX.XXX/24; XXX.XXX.XXX.XXX/24; };

// Local zones
allow-query { XXX.XXX.XXX.XXX/8; my.lan.network.ip/16; XXX.XXX.XXX.XXX/16; XXX.XXX.XXX.XXX/24; };
allow-notify { none; };
allow-transfer {
    /* Zone transfers are denied by default. */
    none;
};
allow-update {
    /* Don't allow updates, e.g. via nsupdate. */
    none;
};
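The access-control statements above are what keep the server from answering the whole Internet: recursion and queries limited to the LAN ranges, transfers and updates denied. named-checkconf validates the syntax of named.conf but says nothing about this policy, so the following shell script, added here as an example (it is not part of the howto or of BIND), audits a named.conf for the four statements and reports anything that contains the literal `any` or relies on a permissive default. The two configurations it audits are constructed samples, with 192.168.x.x addresses standing in for the XXX placeholders above.

```shell
#!/bin/sh
# Added example, not part of the howto: audit the access-control statements
# of a named.conf (listen-on, allow-recursion, allow-transfer, allow-update)
# and report settings that would expose the server beyond the LAN.
# Needs only POSIX sh, sed, tr and grep. Comment stripping is deliberately
# simple: // and # comments to end of line, and /* ... */ comments that do
# not contain a '*' themselves.

# acl_body NAME: read a named.conf on stdin and print the body of the
# statement NAME with comments and whitespace removed, e.g. "127.0.0.1;none;".
# Prints nothing when the statement is absent.
acl_body() {
    sed -e 's://.*$::' -e 's:#.*$::' -e 's:^: :' \
      | tr '\n' ' ' \
      | sed -e 's:/\*[^*]*\*/::g' \
      | sed -n "s:.*[^a-z-]$1 *{\([^}]*\)}.*:\1:p" \
      | tr -d ' \t'
}

# has_any BODY: true when the literal token "any" is one of the list members.
has_any() {
    case ";$1" in *";any;"*) return 0 ;; esac
    return 1
}

# audit_named_conf: read a named.conf on stdin, print one FINDING line per
# problem and return 1 if there was any, 0 if the policy looks tight.
audit_named_conf() {
    conf=$(cat)
    rc=0

    rec=$(printf '%s\n' "$conf" | acl_body allow-recursion)
    if [ -z "$rec" ]; then
        echo "FINDING: allow-recursion is not set; state the LAN ranges explicitly"; rc=1
    elif has_any "$rec"; then
        echo "FINDING: allow-recursion contains 'any': this is an open resolver"; rc=1
    fi

    xfr=$(printf '%s\n' "$conf" | acl_body allow-transfer)
    if [ -z "$xfr" ]; then
        echo "FINDING: allow-transfer is not set (BIND's historical default is any)"; rc=1
    elif has_any "$xfr"; then
        echo "FINDING: allow-transfer contains 'any': whole zones can be read remotely"; rc=1
    fi

    upd=$(printf '%s\n' "$conf" | acl_body allow-update)
    if has_any "$upd"; then
        echo "FINDING: allow-update contains 'any': zone data can be changed remotely"; rc=1
    fi

    lst=$(printf '%s\n' "$conf" | acl_body listen-on)
    if has_any "$lst"; then
        echo "FINDING: listen-on contains 'any'; bind only the loopback and LAN addresses"; rc=1
    fi
    return $rc
}

# Constructed sample 1: the shape of the howto's options block with
# 192.168.x.x standing in for the XXX placeholders.
GOOD_CONF='
options {
    // Listen
    listen-on { 127.0.0.1; 192.168.1.1; };
    listen-on-v6 { none; };
    // The way to the Internet, only for the LAN
    allow-recursion { 127.0.0.0/8; 192.168.1.0/24; };
    allow-query { 127.0.0.0/8; 192.168.0.0/16; };
    allow-notify { none; };
    allow-transfer { /* Zone transfers are denied by default. */ none; };
    allow-update { /* No nsupdate. */ none; };
};
'

# Constructed sample 2: the same server left open.
BAD_CONF='
options {
    listen-on { any; };
    allow-recursion { any; };   # answers recursive queries for the whole Internet
    allow-transfer { any; };
};
'

printf '%s\n' "$GOOD_CONF" | audit_named_conf && echo "LAN-only configuration: no findings"
printf '%s\n' "$BAD_CONF" | audit_named_conf || echo "open configuration: see findings above"
```

Run it against the real file with `audit_named_conf < /etc/bind/named.conf`. The check is on purpose conservative: an unset allow-recursion is reported even though recent BIND releases default it to localnets and localhost, because the howto's approach of listing the LAN ranges explicitly is what you want to see in the file.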
Log DNS queries
logging {
    channel queries {
        #file "/var/log/bind/dns-queries" versions 2 size 1m;
        syslog local1;
        #print-time yes;
    };
    category queries { queries; };
};
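With the queries category going to syslog, the log is worth reading for more than debugging: it shows who actually reaches the resolver and what they ask. The script below is an added example (not from the howto) that summarises such a log per client and flags three things a LAN resolver should not see: clients outside the LAN (which allow-query should have refused), ANY queries, and clients sending more than a chosen number of queries. Its log lines are constructed in BIND's "client <ip>#<port>: query: <name> <class> <type> <flags>" shape; the LAN regex and the volume threshold are assumptions to adapt to your ranges.

```shell
#!/bin/sh
# Added example, not part of the howto: summarise the query log that the
# "queries" channel sends to syslog (local1) so that misuse of the resolver
# shows up. Needs only POSIX sh, awk, sort and grep.
# The log lines below are constructed in BIND's
# "client <ip>#<port>: query: <name> <class> <type> <flags>" shape, with the
# syslog prefix a real log would carry; 203.0.113.5 is a documentation address
# playing the part of a client outside the LAN.
SAMPLE_LOG='Sep  7 10:00:01 gw named[1234]: client 192.168.1.10#53412: query: www.example.com IN A +
Sep  7 10:00:02 gw named[1234]: client 192.168.1.10#53413: query: mail.example.com IN MX +
Sep  7 10:00:02 gw named[1234]: client 192.168.1.20#40001: query: example.com IN ANY +
Sep  7 10:00:03 gw named[1234]: client 192.168.1.20#40002: query: example.com IN ANY +
Sep  7 10:00:03 gw named[1234]: client 203.0.113.5#2000: query: example.com IN ANY +
Sep  7 10:00:04 gw named[1234]: client 192.168.1.10#53414: query: www.example.com IN AAAA +'

# query_log_summary: read query-log lines on stdin and print, per client,
# "<ip> <queries> <ANY-queries> <distinct-names>", busiest client first.
# The "client" token is located by position so the syslog prefix does not matter.
query_log_summary() {
    awk '
    {
        for (i = 1; i < NF; i++) {
            if ($i == "client" && $(i + 2) == "query:") {
                split($(i + 1), addr, "#")   # "ip#port:" -> ip
                ip = addr[1]; name = $(i + 3); type = $(i + 5)
                total[ip]++
                if (type == "ANY") any[ip]++
                if (!((ip, name) in seen)) { seen[ip, name] = 1; names[ip]++ }
                break
            }
        }
    }
    END { for (ip in total) print ip, total[ip], any[ip] + 0, names[ip] + 0 }
    ' | sort -k2,2nr
}

# flag_clients LAN_REGEX MAX_QUERIES: print one ALERT line for each client
# that is outside the LAN (allow-query should have refused it), that sent
# ANY queries (the request type amplification abuse relies on), or that
# sent more than MAX_QUERIES queries in the log being read.
flag_clients() {
    query_log_summary | awk -v lan="$1" -v max="$2" '
        $1 !~ lan { print "ALERT outside-lan", $1, $2 }
        $3 > 0    { print "ALERT any-queries", $1, $3 }
        $2 > max  { print "ALERT high-volume", $1, $2 }'
}

printf '%s\n' "$SAMPLE_LOG" | query_log_summary
printf '%s\n' "$SAMPLE_LOG" | flag_clients '^192[.]168[.]' 2
```

On a live system feed the syslog file for local1 into the functions, e.g. `flag_clients '^192[.]168[.]' 500 < /var/log/named-queries.log` (the file name depends on your syslog configuration). An outside-lan alert is the important one: it means a query got past allow-query, so the ACL or the listen-on list needs a second look.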
Zone definitions for some domains
# This is an entry for an LDAP zone. Use this only if you want to use Bind with LDAP.
#zone "example.com" IN {
#    type master;
#    database "ldap ldap://127.0.0.1/dc=example,dc=com 172800";
#    allow-update { none; };
#};

zone "example.com." IN {
    type master;
    file "zones/db.example.com";
    allow-update { none; };
};

zone "XXX.XXX.in-addr.arpa" {
    type master;
    file "zones/db.172.23";
    allow-update { none; };
};

zone "25.172.in-addr.arpa" {
    type master;
    file "zones/db.172.25";
    allow-update { none; };
};

#include "/var/bind/blacklisted.zones";
File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--
Complete file: /etc/conf.d/named
Changed on 02.08.21
IPv4 only. Prevents "error (network unreachable) resolving" log entries.

Before change:
OPTIONS=""

After change:
OPTIONS="-4"
To start the new service automatically after a reboot, add it to a runlevel with the following command(s):
rc-update add named
Please send feedback to: doc<at>gabosh.net