dns: utilitzem un dns cache que fa d'autoritatiu d'algunes zones

masipcat · masipcat · commit bc17d4542fff · 2017-11-16T14:53:04.000+01:00
diff --git a/dns_authoritative_server/conf/named.conf b/dns_authoritative_server/conf/named.conf
@@ -31,9 +31,14 @@ options {
 
 // Example of how to configure a zone for which this server is the master:
 zone "example.local" IN {
-      type master;
-      file "/etc/bind/zones/example.local";
+        type master;
+        file "/etc/bind/zones/example.local";
+};
+
+zone "guifibages.net" IN {
+        type master;
+        file "/etc/bind/zones/db.guifibages.net";
 };
 
 // You can include files:
-//include "/etc/bind/zones/example.conf";
+//include "/etc/bind/zones/example.conf";
diff --git a/dns_authoritative_server/conf/zones/db.guifibages.net b/dns_authoritative_server/conf/zones/db.guifibages.net
@@ -0,0 +1,24 @@
+$TTL    60
+@       IN      SOA     ns.guifibages.net. root.guifibages.net. (
+                              1         ; Serial
+                         604800         ; Refresh
+                          86400         ; Retry
+                        2419200         ; Expire
+                         604800 )       ; Negative Cache TTL
+;
+@       IN      NS      ns.guifibages.net.
+ns      IN      A       10.228.17.250
+ns2	IN	A	10.228.18.51
+
+; màquines
+s1	IN	A	10.228.17.250
+s2	IN	A	10.228.18.51
+
+; propietaris
+paco	IN	CNAME	s1
+xevi	IN	CNAME	s2
+
+; serveis
+pool.ntp	IN      A	10.228.17.250
+pool.ntp	IN	A	10.228.18.51
+
diff --git a/dns_authoritative_server/conf/zones/example.local b/dns_authoritative_server/conf/zones/example.local
diff --git a/dns_authoritative_server/docker-compose.yml b/dns_authoritative_server/docker-compose.yml
@@ -3,8 +3,8 @@ services:
   dns:
     build: .
     ports:
-     - "53:53"
-     - "53:53/udp"
+     - "127.0.0.2:53:53"
+     - "127.0.0.2:53:53/udp"
     volumes:
-     - ./named.conf:/etc/bind/named.conf:ro
-     - ./zones/:/etc/bind/zones/:ro
+     - ./conf:/etc/bind:ro
+    restart: always
diff --git a/dns_recursive_server/config/named.conf b/dns_recursive_server/config/named.conf
@@ -7,7 +7,7 @@ options {
 
         // If you want to allow only specific hosts to use the DNS server:
         allow-query {
-              any;
+		10.0.0.0/8;
         };
 
         // Specify a list of IPs/masks to allow zone transfers to here.
@@ -25,7 +25,7 @@ options {
 
         // Changing this is NOT RECOMMENDED; see the notes above and in
         // named.conf.recursive.
-        //allow-recursion { none; };
+        allow-recursion { 10.0.0.0/8; };
         recursion yes;
 
         forwarders {
diff --git a/dns_recursive_server/config/zones/db.guifibages.net b/dns_recursive_server/config/zones/db.guifibages.net
diff --git a/dns_recursive_server/docker-compose.yml b/dns_recursive_server/docker-compose.yml
@@ -6,6 +6,5 @@ services:
      - "53:53"
      - "53:53/udp"
     volumes:
-     - ./named.conf:/etc/bind/named.conf:ro
-     - ./zones/:/etc/bind/zones/:ro
+     - ./config:/etc/bind:ro
     restart: always
