DNS Server not working ? FreeBSD 12.1

FlorinMarian

Member

Reaction score: 1
Messages: 36

Hello!
I got stuck with FreeBSD DNS Server setup and I would like to get some help because I had an orview over configurations and everything it's fine.

IP address: OVH failover with Firewall enabled with rule for enabling port 53 tcp/udp
Software: FreeBSD 12.1 + bind913

What's wrong?
My domain isn't resolved, when I use "dig secret.domain" I get no IP address for output (tried also remote checkup like check-host.net)

Thank you!

named.conf
Code:
// $FreeBSD: branches/2018Q4/dns/bind913/files/named.conf.in 443607 2017-06-14 22:54:43Z mat $
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/local/share/doc/bind for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.

options {
    // All file and path names are relative to the chroot directory,
    // if any, and should be fully qualified.
    directory    "/usr/local/etc/namedb/working";
    pid-file    "/var/run/named/pid";
    dump-file    "/var/dump/named_dump.db";
    statistics-file    "/var/stats/named.stats";

// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.
    listen-on    { any; };

// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver.  To give access to the network, specify
// an IPv6 address, or the keyword "any".
//    listen-on-v6    { ::1; };

// These zones are already covered by the empty zones listed below.
// If you remove the related empty zones below, comment these lines out.
    disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
    disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
    disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";

// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
/*
    forwarders {
        127.0.0.1;
    };
*/

// If the 'forwarders' clause is not empty the default is to 'forward first'
// which will fall back to sending a query from your local server if the name
// servers in 'forwarders' do not have the answer.  Alternatively you can
// force your name server to never initiate queries of its own by enabling the
// following line:
//    forward only;

// If you wish to have forwarding configured automatically based on
// the entries in /etc/resolv.conf, uncomment the following line and
// set named_auto_forward=yes in /etc/rc.conf.  You can also enable
// named_auto_forward_only (the effect of which is described above).
//    include "/usr/local/etc/namedb/auto_forward.conf";

    /*
       Modern versions of BIND use a random UDP port for each outgoing
       query by default in order to dramatically reduce the possibility
       of cache poisoning.  All users are strongly encouraged to utilize
       this feature, and to configure their firewalls to accommodate it.

       AS A LAST RESORT in order to get around a restrictive firewall
       policy you can try enabling the option below.  Use of this option
       will significantly reduce your ability to withstand cache poisoning
       attacks, and should be avoided if at all possible.

       Replace NNNNN in the example with a number between 49160 and 65530.
    */
    // query-source address * port NNNNN;
    allow-query     { any; };
    recursion no;
};

// If you enable a local name server, don't forget to enter 127.0.0.1
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.

// The traditional root hints mechanism. Use this, OR the slave zones below.
zone "." { type hint; file "/usr/local/etc/namedb/named.root"; };

/*    Slaving the following zones from the root name servers has some
    significant advantages:
    1. Faster local resolution for your users
    2. No spurious traffic will be sent from your network to the roots
    3. Greater resilience to any potential root server failure/DDoS

    On the other hand, this method requires more monitoring than the
    hints file to be sure that an unexpected failure mode has not
    incapacitated your server.  Name servers that are serving a lot
    of clients will benefit more from this approach than individual
    hosts.  Use with caution.

    To use this mechanism, uncomment the entries below, and comment
    the hint zone above.

    As documented at http://dns.icann.org/services/axfr/ these zones:
    "." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others
    are available for AXFR from these servers on IPv4 and IPv6:
    xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
*/
/*
zone "." {
    type slave;
    file "/usr/local/etc/namedb/slave/root.slave";
    masters {
        192.0.32.132;           // lax.xfr.dns.icann.org
        2620:0:2d0:202::132;    // lax.xfr.dns.icann.org
        192.0.47.132;           // iad.xfr.dns.icann.org
        2620:0:2830:202::132;   // iad.xfr.dns.icann.org
    };
    notify no;
};
zone "arpa" {
    type slave;
    file "/usr/local/etc/namedb/slave/arpa.slave";
    masters {
        192.0.32.132;           // lax.xfr.dns.icann.org
        2620:0:2d0:202::132;    // lax.xfr.dns.icann.org
        192.0.47.132;           // iad.xfr.dns.icann.org
        2620:0:2830:202::132;   // iad.xfr.dns.icann.org
    };
    notify no;
};
zone "in-addr.arpa" {
    type slave;
    file "/usr/local/etc/namedb/slave/in-addr.arpa.slave";
    masters {
        192.0.32.132;           // lax.xfr.dns.icann.org
        2620:0:2d0:202::132;    // lax.xfr.dns.icann.org
        192.0.47.132;           // iad.xfr.dns.icann.org
        2620:0:2830:202::132;   // iad.xfr.dns.icann.org
    };
    notify no;
};
zone "ip6.arpa" {
    type slave;
    file "/usr/local/etc/namedb/slave/ip6.arpa.slave";
    masters {
        192.0.32.132;           // lax.xfr.dns.icann.org
        2620:0:2d0:202::132;    // lax.xfr.dns.icann.org
        192.0.47.132;           // iad.xfr.dns.icann.org
        2620:0:2830:202::132;   // iad.xfr.dns.icann.org
    };
    notify no;
};
*/

/*    Serving the following zones locally will prevent any queries
    for these zones leaving your network and going to the root
    name servers.  This has two significant advantages:
    1. Faster local resolution for your users
    2. No spurious traffic will be sent from your network to the roots
*/
// RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
zone "localhost"    { type master; file "/usr/local/etc/namedb/master/localhost-forward.db"; };
zone "127.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; };
zone "255.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// RFC 1912-style zone for IPv6 localhost address (RFC 6303)
zone "0.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; };

// "This" Network (RFCs 1912, 5735 and 6303)
zone "0.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// Private Use Networks (RFCs 1918, 5735 and 6303)
zone "10.in-addr.arpa"       { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "16.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "17.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "18.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "19.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "20.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "21.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "22.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "23.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "24.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "25.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "26.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "27.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "28.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "29.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "30.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "31.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "168.192.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// Shared Address Space (RFC 6598)
zone "64.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "65.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "66.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "67.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "68.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "69.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "70.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "71.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "72.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "73.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "74.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "75.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "76.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "77.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "78.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "79.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "80.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "81.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "82.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "83.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "84.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "85.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "86.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "87.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "88.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "89.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "90.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "91.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "92.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "93.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "94.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "95.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "96.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "97.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "98.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "99.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "100.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "101.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "102.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "103.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "104.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "105.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "106.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "107.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "108.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "109.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "110.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "111.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "112.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "113.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "114.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "115.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "116.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "117.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "118.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "119.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "120.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "121.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "122.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "123.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "124.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "125.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "126.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "127.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// Link-local/APIPA (RFCs 3927, 5735 and 6303)
zone "254.169.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// IETF protocol assignments (RFCs 5735 and 5736)
zone "0.0.192.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303)
zone "2.0.192.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "100.51.198.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "113.0.203.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// IPv6 Example Range for Documentation (RFCs 3849 and 6303)
zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// Router Benchmark Testing (RFCs 2544 and 5735)
zone "18.198.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "19.198.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// IANA Reserved - Old Class E Space (RFC 5735)
zone "240.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "241.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "242.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "243.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "244.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "245.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "246.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "247.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "248.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "249.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "250.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "251.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "252.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "253.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "254.in-addr.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// IPv6 Unassigned Addresses (RFC 4291)
zone "1.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "3.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "4.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "5.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "6.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "7.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "8.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "9.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "a.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "b.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "c.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "d.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "e.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "0.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "1.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "2.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "3.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "4.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "5.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "6.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "7.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "8.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "9.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "a.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "b.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "0.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "1.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "2.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "3.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "4.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "5.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "6.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "7.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// IPv6 ULA (RFCs 4193 and 6303)
zone "c.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "d.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// IPv6 Link Local (RFCs 4291 and 6303)
zone "8.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "9.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "a.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "b.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303)
zone "c.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "d.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "e.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "f.e.f.ip6.arpa"    { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// IP6.INT is Deprecated (RFC 4159)
zone "ip6.int"        { type master; file "/usr/local/etc/namedb/master/empty.db"; };

// NB: Do not use the IP addresses below, they are faked, and only
// serve demonstration/documentation purposes!
//
// Example slave zone config entries.  It can be convenient to become
// a slave at least for the zone your own domain is in.  Ask
// your network administrator for the IP address of the responsible
// master name server.
//
// Do not forget to include the reverse lookup zone!
// This is named after the first bytes of the IP address, in reverse
// order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
//
// Before starting to set up a master zone, make sure you fully
// understand how DNS and BIND work.  There are sometimes
// non-obvious pitfalls.  Setting up a slave zone is usually simpler.
//
// NB: Don't blindly enable the examples below. :-)  Use actual names
// and addresses instead.

zone "secret.domain" {
    type master;
    file "/usr/local/etc/namedb/dynamic/secret.domain.db";
};

/* An example dynamic zone
key "exampleorgkey" {
    algorithm hmac-md5;
    secret "sf87HJqjkqh8ac87a02lla==";
};
zone "example.org" {
    type master;
    allow-update {
        key "exampleorgkey";
    };
    file "/usr/local/etc/namedb/dynamic/example.org";
};
*/

/* Example of a slave reverse zone
zone "1.168.192.in-addr.arpa" {
    type slave;
    file "/usr/local/etc/namedb/slave/1.168.192.in-addr.arpa";
    masters {
        192.168.1.1;
    };
};
*/
secret.domain.db
Code:
$TTL    604800
@       IN      SOA     ns1.secret.domain.       admin.secret.domain. (
                        2018101901;     Serial
                        3H;             Refresh
                        15M;            Retry
                        2W;             Expiry
                        1D );           Minimum
 
; name servers - NS records
        IN      NS      ns1.secret.domain.
        IN      NS      ns2.secret.domain.
 
; name servers - A records
ns1.secret.domain.       IN      A       Secret.IP
ns2.secret.domain.       IN      A       Secret.IP
 
; other records
secret.domain.                IN            A            Secret.IP
secret.domain.            0    IN            MX    0        secret.domain.
@                                    IN            TXT            "v=spf1 a mx ip4:Secret.IP ~all"
localhost                        0    IN            A            127.0.0.1
www                                0    IN            CNAME        secret.domain.
mail                            0    IN            A            Secret.IP
download                        0    IN            CNAME        secret.domain.
board                                IN            A            Secret.IP
ts                                    IN            A            192.168.56.106
shop                                IN            A            Secret.IP
_acme-challenge                    0    IN            TXT            "-CjXIGFGNWctGcBe5ImsiBMyNQDWdG78NWp8WfLqHZQ"
default._domainkey    IN    TXT    ( "v=DKIM1; k=rsa; "
      "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3pHcdVIAIGITtRJZs9uyXJWxSpWRBItTGHY89EJweIO7+zaG3GgX+dWVGoTzOp6jY9ariq7vWG4xSny1oYOg25K+vUqpwmrtN/on1KhsErqb7PqV+wudEMFx6j5gcYE5FXT4y7UhjbfK9vr9eM0jKHG3E6xHrzqiXIx8mWU9OewIDAQAB" )  ; ----- DKIM key secret.domain for secret.domain
 
Top