ISC Bind

From Dave-Wiki

Config

Check Config

No output is good output ;) named-checkconf prints nothing when the configuration parses cleanly.

 named-checkconf /etc/named.conf

Zones

Reload All Zones From Config

 rndc reload

Reload A Specific Zone

 rndc reload [zonename]

Check A Zone's Status

 rndc zonestatus [zonename]

Remove A Zone From Service

(This only unloads the zone from memory; it does not delete the zone from the config.)

 rndc delzone [zonename]

Add A Zone

(zone must have been loaded from config already)

 rndc addzone [zonename]

Cache

Flush cache of a domain and all its subdomains

 rndc flushtree name [view]

Example:

 rndc flushtree website-to-flush.com internal

Flush cache of a domain

 rndc flushname name [view]

Example:

 rndc flushname website-to-flush.com internal

Windows AD Dynamic Updates

Use the following configuration to let BIND accept dynamic updates from Windows AD servers.

ACL

 acl "DOMAIN-CONTROLLERS" {
     10.144.30.101;  // DC1-dave
     10.144.35.2;    // DC2-dave
     10.150.30.5;    // DC-jim
 };

Zone Declarations

Master Config

 zone "_msdcs.lambnet.us" IN {
     type master;
     file "dynamic/_msdcs.lambnet.us";
     allow-update { DOMAIN-CONTROLLERS; };
 };
 
 zone "_sites.lambnet.us" IN {
     type master;
     file "dynamic/_sites.lambnet.us";
     allow-update { DOMAIN-CONTROLLERS; };
 };
 
 zone "_tcp.lambnet.us" IN {
     type master;
     file "dynamic/_tcp.lambnet.us";
     allow-update { DOMAIN-CONTROLLERS; };
 };
 
 zone "_udp.lambnet.us" IN {
     type master;
     file "dynamic/_udp.lambnet.us";
     allow-update { DOMAIN-CONTROLLERS; };
 };

Slave Config

 zone "_msdcs.lambnet.us" IN {
     type slave;
     masters { 10.144.30.4; };
     file "dynamic/_msdcs.lambnet.us";
     allow-update-forwarding { DOMAIN-CONTROLLERS; };
 };
 
 zone "_sites.lambnet.us" IN {
     type slave;
     masters { 10.144.30.4; };
     file "dynamic/_sites.lambnet.us";
     allow-update-forwarding { DOMAIN-CONTROLLERS; };
 };
 
 zone "_tcp.lambnet.us" IN {
     type slave;
     masters { 10.144.30.4; };
     file "dynamic/_tcp.lambnet.us";
     allow-update-forwarding { DOMAIN-CONTROLLERS; };
 };
 
 zone "_udp.lambnet.us" IN {
     type slave;
     masters { 10.144.30.4; };
     file "dynamic/_udp.lambnet.us";
     allow-update-forwarding { DOMAIN-CONTROLLERS; };
 };

Logging

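 logging {
     // Merge into the existing logging { } block if named.conf already has one
     // Dedicated channel for dynamic update messages
     channel update-log {
         file "/var/log/named/named.update" versions 5 size 5m;
         severity info;
         print-category yes;
         print-severity yes;
         print-time yes;
     };
 
     // Route the "update" category to that channel
     category update { update-log; };
 };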
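
Auditing the update log (added example, not part of the original wiki page): the allow-update ACL above authorizes updates by source address only, so this script checks each logged update against the page's DOMAIN-CONTROLLERS addresses and its four dynamic zones. The log line shape and the sample lines are assumptions constructed for illustration; the exact format varies between BIND versions.

```python
import ipaddress
import re
from collections import Counter

# Values copied from the page's ACL and zone declarations.
DOMAIN_CONTROLLERS = {ipaddress.ip_address(a) for a in
                      ("10.144.30.101", "10.144.35.2", "10.150.30.5")}
DYNAMIC_ZONES = {f"{z}.lambnet.us" for z in ("_msdcs", "_sites", "_tcp", "_udp")}

# Assumed shape (print-time/category/severity on), optional parts in []:
#   <time> update: info: client [@0x..] <ip>#<port>[/key <k>]: [view <v>: ]updating zone '<zone>/IN': ...
LINE_RE = re.compile(
    r"update: \w+: client (?:@0x[0-9a-fA-F]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+"
    r"(?:/key \S+)?: (?:view \S+: )?updating zone '(?P<zone>[^'/]+)/IN': (?P<action>.*)$")

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = """\
28-Apr-2020 10:15:32.101 update: info: client @0x7f3c5c0a 10.144.30.101#53412: updating zone '_msdcs.lambnet.us/IN': adding an RR at 'gc._msdcs.lambnet.us' A 10.144.30.101
28-Apr-2020 10:15:33.442 update: info: client 10.150.30.5#49877: view internal: updating zone '_tcp.lambnet.us/IN': deleting rrset at '_ldap._tcp.lambnet.us' SRV
28-Apr-2020 10:16:02.007 update: info: client @0x7f3c5c0b 10.144.31.77#50001: updating zone '_sites.lambnet.us/IN': adding an RR at 'x._sites.lambnet.us' A 10.144.31.77
28-Apr-2020 10:17:45.913 update: info: client @0x7f3c5c0c 10.144.35.2#50322: updating zone 'lambnet.us/IN': adding an RR at 'pc1.lambnet.us' A 10.144.40.12
""".splitlines()

def audit_update_log(lines):
    """Return (updates per client, findings) for 'updating zone' records."""
    counts, findings = Counter(), []
    for lineno, line in enumerate(lines, 1):
        m = LINE_RE.search(line)
        if not m:
            continue  # some other message in the update category
        zone = m["zone"].lower().rstrip(".")
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            findings.append((lineno, m["ip"], zone, "unparseable client address"))
            continue
        counts[str(ip)] += 1
        if ip not in DOMAIN_CONTROLLERS:
            findings.append((lineno, str(ip), zone, "client not in DOMAIN-CONTROLLERS"))
        if zone not in DYNAMIC_ZONES:
            findings.append((lineno, str(ip), zone, "zone not declared for dynamic updates"))
    return counts, findings

if __name__ == "__main__":
    per_client, problems = audit_update_log(SAMPLE_LOG)
    for lineno, client, zone, reason in problems:
        print(f"line {lineno}: {client} -> {zone}: {reason}")
```

To run it against the real log, pass the lines of /var/log/named/named.update to audit_update_log() instead of SAMPLE_LOG.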