named.conf
The named.conf file is the primary configuration file for BIND (Berkeley Internet Name Domain), the most commonly used DNS server software on the Internet. This file controls the behavior of the named DNS server, specifying the zones it manages, how it should handle queries, and other critical parameters.
Here's a detailed explanation of the named.conf file, including its structure, common options, and examples.
Structure of named.conf
The named.conf file is structured in a hierarchical format, with various blocks and statements that configure the DNS server.
Main Components
Options Block: Configures global server options.
Logging Block: Defines logging categories and channels.
Zone Definitions: Specifies the DNS zones that the server will manage.
ACLs (Access Control Lists): Controls access to the server based on IP addresses.
Views: Allows different configurations for different sets of clients.
Basic Structure
options {
    // Global server options
};

logging {
    // Logging configuration
};

acl "trusted" {
    // List of trusted IP addresses
};

view "internal" {
    // View-specific configuration
};

// Note: once any view is defined, BIND requires every zone to be placed
// inside a view. The top-level zones below only illustrate zone syntax.
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192.168.1";
};
Key Sections and Examples
Options Block
The options block defines global server settings.
options {
    directory "/var/cache/bind";        // Directory for zone files
    recursion yes;                      // Enable recursion
    allow-query { trusted; };           // Allow queries from trusted clients
    forwarders { 8.8.8.8; 8.8.4.4; };   // Forwarding DNS servers
};
Logging Block
The logging block specifies how and where to log server messages.
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
    category default { default_debug; };
};
Access Control Lists (ACLs)
ACLs define sets of IP addresses that can be referenced elsewhere in the configuration.
acl "trusted" {
    192.168.1.0/24;
    localhost;
    localnets;
};
Zone Definitions
Zones specify the DNS records managed by the server.
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192.168.1";
};
type: Specifies the type of zone (master, slave, stub, etc.).
file: Path to the zone file.
Views
Views allow different responses to DNS queries based on the client's IP address.
view "internal" {
    match-clients { trusted; };
    zone "example.com" {
        type master;
        file "/etc/bind/db.example.com.internal";
    };
};

view "external" {
    match-clients { any; };
    zone "example.com" {
        type master;
        file "/etc/bind/db.example.com.external";
    };
};
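Added example, not part of the original page: the two views above combined with the page's ACL and options so that recursion and query access are set per view. A global allow-query { trusted; } would also apply to the "external" view and refuse outside clients, so here the internal view keeps recursion for trusted clients while the external view answers authoritatively only. Addresses and file paths are reused from the page's snippets.

```conf
// Added example: split-horizon configuration with per-view access control.
acl "trusted" {
    192.168.1.0/24;
    localhost;
    localnets;
};

options {
    directory "/var/cache/bind";
    allow-transfer { none; };           // deny zone transfers unless a zone opts in
    // recursion and allow-query are set per view below
};

view "internal" {
    match-clients { trusted; };
    recursion yes;                      // resolver service for trusted clients only
    allow-query { trusted; };
    allow-recursion { trusted; };
    forwarders { 8.8.8.8; 8.8.4.4; };

    zone "example.com" {
        type master;
        file "/etc/bind/db.example.com.internal";
        allow-transfer { 192.168.1.2; };    // secondary server from the page's example
    };

    zone "1.168.192.in-addr.arpa" {     // reverse zone served to internal clients only
        type master;
        file "/etc/bind/db.192.168.1";
    };
};

view "external" {
    match-clients { any; };             // views match in order, so this is everyone else
    recursion no;                       // authoritative answers only, not an open resolver
    allow-query { any; };

    zone "example.com" {
        type master;
        file "/etc/bind/db.example.com.external";
    };
};
```

Running named-checkconf against the file before reloading named catches syntax errors and zones left outside a view.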
Example named.conf File
Here is a more complete example of a named.conf file:
acl "trusted" {
    192.168.1.0/24;
    localhost;
    localnets;
};

options {
    directory "/var/cache/bind";
    recursion yes;
    allow-query { trusted; };
    forwarders { 8.8.8.8; 8.8.4.4; };
    dnssec-enable yes;          // Obsolete since BIND 9.16 (DNSSEC is always enabled); remove on current releases
    dnssec-validation yes;      // "yes" requires a configured trust anchor; "auto" uses the built-in root key
    auth-nxdomain no;
    listen-on { 192.168.1.1; };
};

logging {
    channel default_log {
        file "/var/log/named/named.log" versions 3 size 5m;
        severity info;
        print-time yes;
    };
    category default { default_log; };
};

zone "." {
    type hint;
    file "/etc/bind/db.root";
};

zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
    allow-transfer { 192.168.1.2; };    // Allow zone transfers to secondary server
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192.168.1";
};
Conclusion
The named.conf file is a powerful and flexible configuration file for the BIND DNS server. It allows administrators to define server behavior, manage DNS zones, set access controls, and configure logging. Understanding its structure and options is crucial for effective DNS server management.