Updating dns server nsd is not the configured local nameserver
Create and save db. with the following content:

    ;
    ; BIND data file for
    ;
    $TTL 3h
    @   IN  SOA ns1. (
                1    ; Serial
                3h   ; Refresh after 3 hours
                1h   ; Retry after 1 hour
                1w   ; Expire after 1 week
                1h ) ; Negative caching TTL of 1 hour
    ;
    @   IN  NS  ns1.

In this case, the IP address of our name server is 192.168.135.130.
In this article, I want to show you the DNS installation I made in my local network, in the hope it will be useful to somebody.
The following zone file db. will hold a DNS record to help a nameserver resolve a fully qualified domain name to an IP address. For this we are going to need yet another file, db.192.168.0, with the following content:

    ;
    ; BIND reverse data file for 0.168.192.
    ;
    $TTL 604800
    0.168.192.

The dig command can be used from any PC that has network access to your DNS server, but preferably you should start your testing from localhost.

It completely replaces three pieces of software at once (local and caching DNS server, DHCP 4 and 6, both coordinated, and r(t)advd).

    # I set 5353 here and pf will forward local
    # dns queries to this port.
    #
    # Before august 2015
    # port=5353
    #

    # Never forward plain names (without a dot or domain part)
    domain-needed
    # Never forward addresses in the non-routed address spaces.

But you need to set up a proper resolver for DNSSEC validation and recursion. But I really like the fact that it is possible to run a LAN completely on its behalf! So I am going to launch all these servers on different ports, and use pf to forward queries coming from the LAN to Dnsmasq, which will ask Unbound to resolve the deep internet with DNSSEC. You can now shut down the IPv4 stack (if you want to).

    # Listen on this specific port instead of the standard DNS port (53).

And you have to take care that all these daemons won’t collide with each other, as they are supposed to use the same port and address! If you don’t want to browse the web, nor need to host an authoritative domain server, it’s perfect! I could use one address per server (after all, we are on a LAN, we can use ten addresses without much problem, and IPv6 allows so many addresses) but Dnsmasq doesn’t like to be restricted in address listening.

    # Setting this to zero completely disables DNS function,
    # leaving only DHCP and/or TFTP.