Last active
September 25, 2015 14:23
-
-
Save pulecp/0b650a40b7c32b0436b5 to your computer and use it in GitHub Desktop.
bind configuration with notifications by tsig keys
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /etc/named.conf | |
| key "external" { | |
| algorithm hmac-md5; | |
| secret "TW97YPZWWdSJXd/yYisrrQ=="; | |
| }; | |
| key "internal" { | |
| algorithm hmac-md5; | |
| secret "msSGPzPfX8fAE3I4nE7pcw=="; | |
| }; | |
| view "external" { | |
| allow-notify { 172.88.4.44; key internal; key external; }; | |
| allow-recursion { internal; }; | |
| allow-transfer { none; }; | |
| match-clients { key external; !key internal; !internal; any; }; | |
| include "/etc/named/named.external.conf"; | |
| server 10.99.64.32 { keys external; }; | |
| server 10.99.32.1 { keys external; }; | |
| server 10.99.64.1 { keys external; }; | |
| server 10.99.49.42 { keys external; }; | |
| server 10.99.128.15 { keys external; }; | |
| server 172.88.5.15 { keys external; }; | |
| server 10.99.33.9 { keys external; }; | |
| server 10.99.64.45 { keys external; }; | |
| server 10.99.128.43 { keys external; }; | |
| server 10.99.160.10 { keys external; }; | |
| }; | |
| view "internal" { | |
| allow-notify { 172.88.4.44; key internal; key external; }; | |
| allow-recursion { internal; }; | |
| allow-transfer { internal; }; | |
| match-clients { key internal; !key external; internal; !any; }; | |
| include "/etc/named/named.internal.conf"; | |
| server 10.99.64.32 { keys internal; }; | |
| server 10.99.32.1 { keys internal; }; | |
| server 10.99.64.1 { keys internal; }; | |
| server 10.99.49.42 { keys internal; }; | |
| server 10.99.128.15 { keys internal; }; | |
| server 172.88.5.15 { keys internal; }; | |
| server 10.99.33.9 { keys internal; }; | |
| server 10.99.64.45 { keys internal; }; | |
| server 10.99.128.43 { keys internal; }; | |
| server 10.99.160.10 { keys internal; }; | |
| }; | |
| /etc/named/named.external.conf | |
| zone "example.com" IN { | |
| type master; | |
| file "data/named.hakka"; | |
| also-notify { 10.99.64.32; 10.99.32.1; 10.99.64.1; 10.99.49.42; 10.99.128.15; 172.88.5.15; 10.99.33.9; 10.99.64.45; 10.99.128.43; 10.99.160.10; }; | |
| allow-transfer { internal; 217.33.11.252; }; | |
| }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /etc/named.conf | |
| key "external" { | |
| algorithm hmac-md5; | |
| secret "TW97YPZWWdSJXd/yYisrrQ=="; | |
| }; | |
| key "internal" { | |
| algorithm hmac-md5; | |
| secret "msSGPzPfX8fAE3I4nE7pcw=="; | |
| }; | |
| view "external" { | |
| allow-notify { 172.88.4.44; key internal; key external; }; | |
| allow-recursion { internal; }; | |
| allow-transfer { none; }; | |
| match-clients { key external; !key internal; !internal; any; }; | |
| include "/etc/named/named.external.conf"; | |
| server 172.88.4.44 { keys external; }; | |
| }; | |
| view "internal" { | |
| allow-notify { 172.88.4.44; key internal; key external; }; | |
| allow-recursion { internal; }; | |
| allow-transfer { internal; }; | |
| match-clients { key internal; !key external; internal; !any; }; | |
| include "/etc/named/named.internal.conf"; | |
| server 172.88.4.44 { keys internal; }; | |
| }; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment