PDA

View Full Version : DNS improvements


fireba11
2nd April 2010, 17:44
* add spf record to the default template
* add "Allow zone transfers to these IPs" as option for the template

spf records (when set correctly) are always a good idea to have ..
currently the template does not allow predefining IPs for AXFR, usually you always use the same secondary DNS servers though, so that would be nice to have in the template

ImaniAbigailWilliams
27th April 2010, 14:29
tried both versions and I couldn't get either to work.

I couldn't get them to hold the configuration settings. After saving the router settings the router went back to the default.

Maybe its something I'm doing wrong. If some else gets them to work I'll have another try?

coldfried
2nd August 2011, 15:13
* native support for zone options such as "update-policy" and "allow-update" in /etc/bind/named.conf.local for the zone.
* native support to store a secret in /etc/bind/named.conf.keys (my config) for the dynamic zones.

I am running a dynamic dns zone on my name server controlled by ISPconfig3, and I've just discovered that when I make any changes to the name server within ISPconfig afterwards, it rewrites the conf file for the zone and removes my modifications that permit dynamic updates. It would be great if these dynamic update settings could be supported by (or included in) ISPConfig 3 so that we would not need to devise a workaround to get it to keep the changes. :)

till
2nd August 2011, 15:37
ISPConfig supports already custom BIND config files.

To make your changes persistent, copy the bind_* files from /usr/local/ispconfig/server/conf to /usr/local/ispconfig/server/conf-custom/ and then edit the files in the conf-custom directory to suit your needs.

DiscipleGeek
30th August 2011, 19:10
* add spf record to the default template
* add "Allow zone transfers to these IPs" as option for the template

spf records (when set correctly) are always a good idea to have ..
currently the template does not allow predefining IPs for AXFR, usually you always use the same secondary DNS servers though, so that would be nice to have in the template

These would definitely be welcome additions.

maumar
16th October 2011, 19:17
I would add this to this problematic


allow-transfer {none;};


there 2 requirements about it>
1.

as fireba11 asked for, add "Allow zone transfers to these IPs" as option for the template (I was not able to customize it working on


/usr/local/ispconfig/server/conf/bind_named.conf.local.master


2.
there at the moment 3 fields
-> Allow zone transfers to these IPs (comma separated list)
-> Also Notify
-> Update ACL

if you let empty 2^ one and 3^ one, "Also Notify" and "Update ACL", nothing is written to


zone "zonename" {
type master;
allow-transfer {none;};
file "/etc/bind/pri.zonename";
};


but if u left empty the 1^ filed:

"Allow zone transfers to these IPs (comma separated list)"

you get

allow-transfer {none;};


I expect "none" there if and only if i input "none into the form field, and i expect no line regarding allow-transfer if i left field empty

in this way, i could configure my preferred
allow-transfer
ip's into general file:


/etc/bind/named.conf.options


without losing this setting with


allow-transfer {none;};