publicarray/opennic.config

## opennic.config
#
# nsd: https://www.nlnetlabs.nl/projects/nsd/
# OpenNic: https://www.opennic.org/
#
# this file can be placed inside the "/etc/nsd/conf.d folder"
# e.g. "/etc/nsd/conf.d/opennic.conf" for debian and redhat systems
# also make sure the "nsd.config" has the following line present:
# include: "/etc/nsd/conf.d/*.conf"
#
# you can use the "nsd-checkconf /etc/nsd/nsd.conf" to check for syntax errors
# and "nsd-control zonestatus" to check that zones are successfully updated
#
# NOTE:
# The master list may be out of date.
# Please check https://wiki.opennic.org/opennic/t2slaved for an up to date listing of their IPs
#
pattern:
    name: "opennic"
    allow-notify: 45.56.115.189 NOKEY                   # ns0.opennic.glue
    allow-notify: 45.56.116.224 NOKEY                   # ns0.opennic.glue
    allow-notify: 173.160.58.202 NOKEY                  # ns2.opennic.glue
    allow-notify: 2001:470:f032:10:0:100:53:10 NOKEY    # ns2.opennic.glue
    allow-notify: 104.168.144.17 NOKEY                  # ns3.opennic.glue
    allow-notify: 2001:470:8269::53 NOKEY               # ns3.opennic.glue
    allow-notify: 178.63.145.230 NOKEY                  # ns4.opennic.glue
    allow-notify: 2a01:4f8:101:3062::5:2 NOKEY          # ns4.opennic.glue
    allow-notify: 94.103.153.176 NOKEY                  # ns5.opennic.glue
    allow-notify: 2a02:990:219:1:ba:1337:cafe:3 NOKEY   # ns5.opennic.glue
    allow-notify: 207.192.71.13 NOKEY                   # ns6.opennic.glue
    allow-notify: 2002:cfc0:470d::1 NOKEY               # ns6.opennic.glue
    allow-notify: 178.63.116.152 NOKEY                  # ns8.opennic.glue
    allow-notify: 2a01:4f8:141:4281::999 NOKEY          # ns8.opennic.glue
    allow-notify: 138.68.128.160 NOKEY                  # ns9.opennic.glue
    allow-notify: 2a03:b0c0:1:a1::46b:a001 NOKEY        # ns9.opennic.glue
    allow-notify: 188.226.146.136 NOKEY                 # ns10.opennic.glue
    allow-notify: 2001:470:1f04:ebf::2 NOKEY            # ns10.opennic.glue
    allow-notify: 138.197.44.179 NOKEY                  # ns11.opennic.glue

    request-xfr: 45.56.115.189 NOKEY                    # ns0.opennic.glue
    request-xfr: 45.56.116.224 NOKEY                    # ns0.opennic.glue
    request-xfr: 173.160.58.202 NOKEY                   # ns2.opennic.glue
    request-xfr: 2001:470:f032:10:0:100:53:10 NOKEY     # ns2.opennic.glue
    request-xfr: 104.168.144.17 NOKEY                   # ns3.opennic.glue
    request-xfr: 2001:470:8269::53 NOKEY                # ns3.opennic.glue
    request-xfr: 178.63.145.230 NOKEY                   # ns4.opennic.glue
    request-xfr: 2a01:4f8:101:3062::5:2 NOKEY           # ns4.opennic.glue
    request-xfr: 94.103.153.176 NOKEY                   # ns5.opennic.glue
    request-xfr: 2a02:990:219:1:ba:1337:cafe:3 NOKEY    # ns5.opennic.glue
    request-xfr: 207.192.71.13 NOKEY                    # ns6.opennic.glue
    request-xfr: 2002:cfc0:470d::1 NOKEY                # ns6.opennic.glue
    request-xfr: 178.63.116.152 NOKEY                   # ns8.opennic.glue
    request-xfr: 2a01:4f8:141:4281::999 NOKEY           # ns8.opennic.glue
    request-xfr: 138.68.128.160 NOKEY                   # ns9.opennic.glue
    request-xfr: 2a03:b0c0:1:a1::46b:a001 NOKEY         # ns9.opennic.glue
    request-xfr: 188.226.146.136 NOKEY                  # ns10.opennic.glue
    request-xfr: 2001:470:1f04:ebf::2 NOKEY             # ns10.opennic.glue
    request-xfr: 138.197.44.179 NOKEY                   # ns11.opennic.glue

# NOTE
# The TLDs may be out of date
# Ask a master for an up to date lising: dig @45.56.115.189 TXT tlds.opennic.glue +short
# Also consult https://wiki.opennic.org/opennic/dot
zone:
    name: "dns.opennic.glue"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "."
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "bbs"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "bit"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "chan"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "dyn"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "free"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "fur"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "geek"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "gopher"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "indy"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "libre"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "neo"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "null"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "o"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "opennic.glue"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "oss"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "oz"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "parody"
    zonefile: "%s.zone"
    include-pattern: opennic

zone:
    name: "pirate"
    zonefile: "%s.zone"
    include-pattern: opennic


## unbound.config
  server:
        # Ignore chain of trust. Domain is treated as insecure.
        # DNSSEC chain of trust is ignored towards the domain name
        # domain-insecure: "example.com"
        domain-insecure: "dns.opennic.glue"
        domain-insecure: "bbs"
        domain-insecure: "bit"
        domain-insecure: "chan"
        domain-insecure: "dyn"
        domain-insecure: "free"
        domain-insecure: "fur"
        domain-insecure: "geek"
        domain-insecure: "gopher"
        domain-insecure: "indy"
        domain-insecure: "libre"
        domain-insecure: "neo"
        domain-insecure: "null"
        domain-insecure: "o"
        domain-insecure: "opennic.glue"
        domain-insecure: "oss"
        domain-insecure: "oz"
        domain-insecure: "parody"
        domain-insecure: "pirate"

# Stub zones.
# Create entries like below, to make all queries for 'example.com' and
# 'example.org' go to the given list of nameservers. list zero or more
# nameservers by hostname or by ipaddress. If you set stub-prime to yes,
# the list is treated as priming hints (default is no).
# stub-zone:
#   name: "example.com"
#   stub-addr: 192.0.2.68
#   stub-prime: "no"
# stub-zone:
#   name: "example.org"
#   stub-host: ns.example.com.

stub-zone:
    name: "dns.opennic.glue"
    stub-addr: "127.0.0.1@57" # change to the address@port nsd is running on

stub-zone:
    name: "bbs"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "bit"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "chan"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "dyn"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "free"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "fur"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "geek"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "gopher"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "indy"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "libre"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "neo"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "null"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "o"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "opennic.glue"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "oss"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "oz"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "parody"
    stub-addr: "127.0.0.1@57"

stub-zone:
    name: "pirate"
    stub-addr: "127.0.0.1@57"
	#
	# nsd: https://www.nlnetlabs.nl/projects/nsd/
	# OpenNic: https://www.opennic.org/
	#
	# this file can be placed inside the "/etc/nsd/conf.d folder"
	# e.g. "/etc/nsd/conf.d/opennic.conf" for debian and redhat systems
	# also make sure the "nsd.config" has the following line present:
	# include: "/etc/nsd/conf.d/*.conf"
	#
	# you can use the "nsd-checkconf /etc/nsd/nsd.conf" to check for syntax errors
	# and "nsd-control zonestatus" to check that zones are successfully updated
	#
	# NOTE:
	# The master list may be out of date.
	# Please check https://wiki.opennic.org/opennic/t2slaved for an up to date listing of their IPs
	#
	pattern:
	name: "opennic"
	allow-notify: 45.56.115.189 NOKEY # ns0.opennic.glue
	allow-notify: 45.56.116.224 NOKEY # ns0.opennic.glue
	allow-notify: 173.160.58.202 NOKEY # ns2.opennic.glue
	allow-notify: 2001:470:f032:10:0:100:53:10 NOKEY # ns2.opennic.glue
	allow-notify: 104.168.144.17 NOKEY # ns3.opennic.glue
	allow-notify: 2001:470:8269::53 NOKEY # ns3.opennic.glue
	allow-notify: 178.63.145.230 NOKEY # ns4.opennic.glue
	allow-notify: 2a01:4f8:101:3062::5:2 NOKEY # ns4.opennic.glue
	allow-notify: 94.103.153.176 NOKEY # ns5.opennic.glue
	allow-notify: 2a02:990:219:1:ba:1337:cafe:3 NOKEY # ns5.opennic.glue
	allow-notify: 207.192.71.13 NOKEY # ns6.opennic.glue
	allow-notify: 2002:cfc0:470d::1 NOKEY # ns6.opennic.glue
	allow-notify: 178.63.116.152 NOKEY # ns8.opennic.glue
	allow-notify: 2a01:4f8:141:4281::999 NOKEY # ns8.opennic.glue
	allow-notify: 138.68.128.160 NOKEY # ns9.opennic.glue
	allow-notify: 2a03:b0c0:1:a1::46b:a001 NOKEY # ns9.opennic.glue
	allow-notify: 188.226.146.136 NOKEY # ns10.opennic.glue
	allow-notify: 2001:470:1f04:ebf::2 NOKEY # ns10.opennic.glue
	allow-notify: 138.197.44.179 NOKEY # ns11.opennic.glue

	request-xfr: 45.56.115.189 NOKEY # ns0.opennic.glue
	request-xfr: 45.56.116.224 NOKEY # ns0.opennic.glue
	request-xfr: 173.160.58.202 NOKEY # ns2.opennic.glue
	request-xfr: 2001:470:f032:10:0:100:53:10 NOKEY # ns2.opennic.glue
	request-xfr: 104.168.144.17 NOKEY # ns3.opennic.glue
	request-xfr: 2001:470:8269::53 NOKEY # ns3.opennic.glue
	request-xfr: 178.63.145.230 NOKEY # ns4.opennic.glue
	request-xfr: 2a01:4f8:101:3062::5:2 NOKEY # ns4.opennic.glue
	request-xfr: 94.103.153.176 NOKEY # ns5.opennic.glue
	request-xfr: 2a02:990:219:1:ba:1337:cafe:3 NOKEY # ns5.opennic.glue
	request-xfr: 207.192.71.13 NOKEY # ns6.opennic.glue
	request-xfr: 2002:cfc0:470d::1 NOKEY # ns6.opennic.glue
	request-xfr: 178.63.116.152 NOKEY # ns8.opennic.glue
	request-xfr: 2a01:4f8:141:4281::999 NOKEY # ns8.opennic.glue
	request-xfr: 138.68.128.160 NOKEY # ns9.opennic.glue
	request-xfr: 2a03:b0c0:1:a1::46b:a001 NOKEY # ns9.opennic.glue
	request-xfr: 188.226.146.136 NOKEY # ns10.opennic.glue
	request-xfr: 2001:470:1f04:ebf::2 NOKEY # ns10.opennic.glue
	request-xfr: 138.197.44.179 NOKEY # ns11.opennic.glue

	# NOTE
	# The TLDs may be out of date
	# Ask a master for an up to date lising: dig @45.56.115.189 TXT tlds.opennic.glue +short
	# Also consult https://wiki.opennic.org/opennic/dot
	zone:
	name: "dns.opennic.glue"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "."
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "bbs"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "bit"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "chan"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "dyn"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "free"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "fur"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "geek"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "gopher"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "indy"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "libre"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "neo"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "null"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "o"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "opennic.glue"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "oss"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "oz"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "parody"
	zonefile: "%s.zone"
	include-pattern: opennic

	zone:
	name: "pirate"
	zonefile: "%s.zone"
	include-pattern: opennic
	server:
	# Ignore chain of trust. Domain is treated as insecure.
	# DNSSEC chain of trust is ignored towards the domain name
	# domain-insecure: "example.com"
	domain-insecure: "dns.opennic.glue"
	domain-insecure: "bbs"
	domain-insecure: "bit"
	domain-insecure: "chan"
	domain-insecure: "dyn"
	domain-insecure: "free"
	domain-insecure: "fur"
	domain-insecure: "geek"
	domain-insecure: "gopher"
	domain-insecure: "indy"
	domain-insecure: "libre"
	domain-insecure: "neo"
	domain-insecure: "null"
	domain-insecure: "o"
	domain-insecure: "opennic.glue"
	domain-insecure: "oss"
	domain-insecure: "oz"
	domain-insecure: "parody"
	domain-insecure: "pirate"

	# Stub zones.
	# Create entries like below, to make all queries for 'example.com' and
	# 'example.org' go to the given list of nameservers. list zero or more
	# nameservers by hostname or by ipaddress. If you set stub-prime to yes,
	# the list is treated as priming hints (default is no).
	# stub-zone:
	# name: "example.com"
	# stub-addr: 192.0.2.68
	# stub-prime: "no"
	# stub-zone:
	# name: "example.org"
	# stub-host: ns.example.com.

	stub-zone:
	name: "dns.opennic.glue"
	stub-addr: "127.0.0.1@57" # change to the address@port nsd is running on

	stub-zone:
	name: "bbs"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "bit"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "chan"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "dyn"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "free"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "fur"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "geek"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "gopher"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "indy"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "libre"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "neo"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "null"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "o"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "opennic.glue"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "oss"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "oz"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "parody"
	stub-addr: "127.0.0.1@57"

	stub-zone:
	name: "pirate"
	stub-addr: "127.0.0.1@57"