10 changed files with 20 additions and 222 deletions
@ -1,3 +0,0 @@ |
|||||
. 3600000 NS P.ROOT-SERVERS.NET. |
|
||||
P.ROOT-SERVERS.NET. 3600000 A 100.100.1.10 |
|
||||
P.ROOT-SERVERS.NET. 3600000 AAAA 2001:db8:a001::10 |
|
@ -1,3 +0,0 @@ |
|||||
. 3600000 NS P.ROOT-SERVERS.NET. |
|
||||
P.ROOT-SERVERS.NET. 3600000 A 100.100.1.10 |
|
||||
P.ROOT-SERVERS.NET. 3600000 AAAA 2001:db8:a001::10 |
|
@ -0,0 +1,3 @@ |
|||||
|
120.100.in-addr.arpa. 172800 IN NS p.120.100.in-addr.arpa. |
||||
|
p.120.100.in-addr.arpa. 172800 IN A 100.120.1.2 |
||||
|
p.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:120:1::2 |
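Review bot: The delegation added here for `120.100.in-addr.arpa.` sits inside 100.64.0.0/10, whose reverse zones Unbound answers locally by default. The resolver script removed in this same commit was what set `local-zone: "$i.100.in-addr.arpa." nodefault` for 64 to 127. Its replacement is not visible on this page, so confirm the new resolver configuration keeps that override; without it these NS and glue records would presumably never be queried through the lab resolvers. The fragment also has no comment saying which parent zone it is merged into. Judging by the removed script that looks like `100.in-addr.arpa.`, so a leading line such as `; delegation + glue for 120.100.in-addr.arpa., merged into the 100.in-addr.arpa. zone` would make that explicit.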
@ -1,50 +0,0 @@ |
|||||
#!/bin/bash |
|
||||
# Root NS template |
|
||||
set -e |
|
||||
if [ -z $SNSTERGUARD ] ; then exit 1; fi |
|
||||
DIR=`dirname $0` |
|
||||
cd `dirname $0` |
|
||||
|
|
||||
# disable systemd-resolved which conflicts with nsd |
|
||||
echo "DNSStubListener=no" >> /etc/systemd/resolved.conf |
|
||||
systemctl stop systemd-resolved |
|
||||
|
|
||||
apt-get update |
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install -y unbound dnsutils |
|
||||
|
|
||||
# get root hints |
|
||||
#wget "http://www.internic.net/domain/named.root" -O /etc/unbound/root.hints |
|
||||
echo -e ". 3600000 NS P.ROOT-SERVERS.NET. |
|
||||
P.ROOT-SERVERS.NET. 3600000 A 100.100.1.10 |
|
||||
P.ROOT-SERVERS.NET. 3600000 AAAA 2001:db8:a001::10 |
|
||||
" > /etc/unbound/root.hints |
|
||||
|
|
||||
# customize unbound config |
|
||||
#echo -e "server: |
|
||||
# ip-address: 127.0.0.1 |
|
||||
echo -e "server: |
|
||||
root-hints: root.hints |
|
||||
" > /etc/unbound/unbound.conf.d/root.conf |
|
||||
|
|
||||
for i in {64..127}; do |
|
||||
echo -e " local-zone: \"$i.100.in-addr.arpa.\" nodefault" >> /etc/unbound/unbound.conf.d/root.conf |
|
||||
done |
|
||||
|
|
||||
|
|
||||
# local-zone: \"120.100.in-addr.arpa.\" nodefault |
|
||||
# local-zone: \"64.100.in-addr.arpa. to 127.100.in-addr.arpa.\" nodefault |
|
||||
# for i in {64..127}; do echo $i; done |
|
||||
|
|
||||
# no DNSSEC validation for now |
|
||||
sed -i "s/auto/\#auto/" /etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf |
|
||||
|
|
||||
# Be an open dns resolver -- TO CHANGE LATER |
|
||||
echo -e "server: |
|
||||
interface: 0.0.0.0 |
|
||||
access-control: 0.0.0.0/0 allow |
|
||||
cache-max-ttl: 20 |
|
||||
cache-min-ttl: 10 |
|
||||
cache-max-negative-ttl: 20 |
|
||||
" > /etc/unbound/unbound.conf.d/listen.conf |
|
||||
|
|
||||
service unbound restart |
|
@ -1,156 +0,0 @@ |
|||||
#!/bin/bash |
|
||||
# Root NS template |
|
||||
set -e |
|
||||
if [ -z $SNSTERGUARD ] ; then exit 1; fi |
|
||||
DIR=`dirname $0` |
|
||||
cd `dirname $0` |
|
||||
|
|
||||
# disable systemd-resolved which conflicts with nsd |
|
||||
echo "DNSStubListener=no" >> /etc/systemd/resolved.conf |
|
||||
systemctl stop systemd-resolved |
|
||||
|
|
||||
apt-get update |
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install -y nsd |
|
||||
|
|
||||
# get root zone |
|
||||
wget "http://www.internic.net/domain/root.zone" -O /etc/nsd/root.zone |
|
||||
|
|
||||
# customize root zone |
|
||||
# remove official roots |
|
||||
sed -i -e 's/^\.\s.*NS.*[a-m].root-servers.net.*//' /etc/nsd/root.zone |
|
||||
# add alternative milxc root |
|
||||
|
|
||||
echo -e ". 518400 IN NS p.root-servers.net |
|
||||
p.root-servers.net 518400 IN A 100.100.1.10 |
|
||||
p.root-servers.net 518400 IN AAAA 2001:db8:a001::10 |
|
||||
" >> /etc/nsd/root.zone |
|
||||
|
|
||||
|
|
||||
# add .sns TLD served by 100.100.20.10 |
|
||||
echo -e "sns. 518400 IN NS ns.sns. |
|
||||
ns.sns. 518400 IN A 100.100.20.10 |
|
||||
ns.sns. 518400 IN AAAA 2001:db8:a020::10" >> /etc/nsd/root.zone |
|
||||
|
|
||||
# customize nsd config |
|
||||
#echo -e "server: |
|
||||
# ip-address: 127.0.0.1 |
|
||||
echo -e "zone: |
|
||||
name: \".\" |
|
||||
zonefile: \"root.zone\" |
|
||||
" > /etc/nsd/nsd.conf |
|
||||
|
|
||||
# Reverse DNS |
|
||||
#sed -i -e 's/^arpa.*//' /etc/nsd/root.zone |
|
||||
#sed -i -e 's/^.\.ns\.arpa.*.*//' /etc/nsd/root.zone |
|
||||
|
|
||||
## Racine |
|
||||
sed -i -e '/NSEC.*/d' /etc/nsd/root.zone |
|
||||
sed -i -e '/RRSIG.*/d' /etc/nsd/root.zone |
|
||||
sed -i -e '/DNSKEY.*/d' /etc/nsd/root.zone |
|
||||
sed -i -e '/DS.*/d' /etc/nsd/root.zone |
|
||||
sed -i -e '/^arpa.*/d' /etc/nsd/root.zone |
|
||||
sed -i -e '/^.\.ns\.arpa.*.*/d' /etc/nsd/root.zone |
|
||||
echo -e "arpa. 172800 IN NS p.ns.arpa. |
|
||||
p.ns.arpa. 172800 IN A 100.100.1.10 |
|
||||
p.ns.arpa. 172800 IN AAAA 2001:db8:a001::10 |
|
||||
" >> /etc/nsd/root.zone |
|
||||
|
|
||||
## .arpa |
|
||||
wget "https://www.internic.net/domain/arpa.zone" -O /etc/nsd/arpa.zone |
|
||||
sed -i -e '/NSEC.*/d' /etc/nsd/arpa.zone |
|
||||
sed -i -e '/RRSIG.*/d' /etc/nsd/arpa.zone |
|
||||
sed -i -e '/DNSKEY.*/d' /etc/nsd/arpa.zone |
|
||||
sed -i -e '/DS.*/d' /etc/nsd/arpa.zone |
|
||||
sed -i -e '/^arpa\.\s.*NS.*[a-m].ns.arpa.*/d' /etc/nsd/arpa.zone |
|
||||
sed -i -e '/^in-addr.*/d' /etc/nsd/arpa.zone |
|
||||
sed -i -e '/^.\.in-addr.*/d' /etc/nsd/arpa.zone |
|
||||
echo -e "arpa. 172800 IN NS p.ns.arpa. |
|
||||
p.ns.arpa. 172800 IN A 100.100.1.10 |
|
||||
p.ns.arpa. 172800 IN AAAA 2001:db8:a001::10 |
|
||||
in-addr.arpa. 172800 IN NS p.in-addr-servers.arpa. |
|
||||
p.in-addr-servers.arpa. 172800 IN A 100.100.1.10 |
|
||||
p.in-addr-servers.arpa. 172800 IN AAAA 2001:db8:a001::10 |
|
||||
" >> /etc/nsd/arpa.zone |
|
||||
|
|
||||
echo -e "zone: |
|
||||
name: \"arpa.\" |
|
||||
zonefile: \"arpa.zone\" |
|
||||
" >> /etc/nsd/nsd.conf |
|
||||
|
|
||||
## .in-addr.arpa |
|
||||
wget "https://www.internic.net/domain/in-addr.arpa.zone" -O /etc/nsd/in-addr.arpa.zone |
|
||||
sed -i -e '/SOA.*/d' /etc/nsd/in-addr.arpa.zone |
|
||||
sed -i -e '/NSEC.*/d' /etc/nsd/in-addr.arpa.zone |
|
||||
sed -i -e '/RRSIG.*/d' /etc/nsd/in-addr.arpa.zone |
|
||||
sed -i -e '/DNSKEY.*/d' /etc/nsd/in-addr.arpa.zone |
|
||||
sed -i -e '/DS.*/d' /etc/nsd/in-addr.arpa.zone |
|
||||
sed -i -e '/^in-addr\.arpa\.\s.*NS.*[a-m].in-addr-servers.arpa.*/d' /etc/nsd/in-addr.arpa.zone |
|
||||
sed -i -e '/^100.*/d' /etc/nsd/in-addr.arpa.zone |
|
||||
echo -e "in-addr.arpa. 172800 IN NS p.ns.in-addr.arpa. |
|
||||
p.ns.in-addr.arpa. 172800 IN A 100.100.1.10 |
|
||||
p.ns.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10 |
|
||||
100.in-addr.arpa. 172800 IN NS p.100.in-addr.arpa. |
|
||||
p.100.in-addr.arpa. 172800 IN A 100.100.1.10 |
|
||||
p.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10 |
|
||||
in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600 |
|
||||
" >> /etc/nsd/in-addr.arpa.zone |
|
||||
|
|
||||
echo -e "zone: |
|
||||
name: \"in-addr.arpa.\" |
|
||||
zonefile: \"in-addr.arpa.zone\" |
|
||||
" >> /etc/nsd/nsd.conf |
|
||||
|
|
||||
|
|
||||
|
|
||||
# 100.in-addr.arpa |
|
||||
echo -e "100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600 |
|
||||
100.in-addr.arpa. 172800 IN NS p.ns.100.in-addr.arpa. |
|
||||
p.ns.100.in-addr.arpa. 172800 IN A 100.100.1.10 |
|
||||
p.ns.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10 |
|
||||
120.100.in-addr.arpa. 172800 IN NS p.120.100.in-addr.arpa. |
|
||||
p.120.100.in-addr.arpa. 172800 IN A 100.120.1.2 |
|
||||
p.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:120:1::2 |
|
||||
" > /etc/nsd/100.in-addr.arpa.zone |
|
||||
|
|
||||
echo -e "zone: |
|
||||
name: \"100.in-addr.arpa.\" |
|
||||
zonefile: \"100.in-addr.arpa.zone\" |
|
||||
" >> /etc/nsd/nsd.conf |
|
||||
|
|
||||
# |
|
||||
# # 120.100.in-addr.arpa |
|
||||
# echo -e "120.100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600 |
|
||||
# 120.100.in-addr.arpa. 172800 IN NS p.ns.120.100.in-addr.arpa. |
|
||||
# p.ns.120.100.in-addr.arpa. 172800 IN A 100.100.1.10 |
|
||||
# p.ns.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10 |
|
||||
# 1.120.100.in-addr.arpa. 172800 IN NS p.1.120.100.in-addr.arpa. |
|
||||
# p.1.120.100.in-addr.arpa. 172800 IN A 100.100.1.10 |
|
||||
# p.1.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10 |
|
||||
# " > /etc/nsd/120.100.in-addr.arpa.zone |
|
||||
# |
|
||||
# echo -e "zone: |
|
||||
# name: \"120.100.in-addr.arpa.\" |
|
||||
# zonefile: \"120.100.in-addr.arpa.zone\" |
|
||||
# " >> /etc/nsd/nsd.conf |
|
||||
# |
|
||||
# # 1.120.100.in-addr.arpa |
|
||||
# echo -e "1.120.100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600 |
|
||||
# 1.120.100.in-addr.arpa. 172800 IN NS p.ns.1.120.100.in-addr.arpa. |
|
||||
# p.ns.1.120.100.in-addr.arpa. 172800 IN A 100.100.1.10 |
|
||||
# p.ns.1.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10 |
|
||||
# 2.1.120.100.in-addr.arpa. 172800 IN PTR smtp.isp-a.sns. |
|
||||
# " > /etc/nsd/1.120.100.in-addr.arpa.zone |
|
||||
# |
|
||||
# echo -e "zone: |
|
||||
# name: \"1.120.100.in-addr.arpa.\" |
|
||||
# zonefile: \"1.120.100.in-addr.arpa.zone\" |
|
||||
# " >> /etc/nsd/nsd.conf |
|
||||
|
|
||||
|
|
||||
|
|
||||
# 2.1.120.100.in-addr.arpa. 172800 IN PTR smtp.isp-a.sns |
|
||||
# 100.120.1.2 |
|
||||
|
|
||||
|
|
||||
|
|
||||
#service nsd restart |
|