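#!/bin/bash
# Root NS template
#
# Provisions an NSD authoritative server that acts as an alternative DNS root
# for an isolated lab network:
#   - downloads the root, arpa and in-addr.arpa zones from InterNIC,
#   - strips their DNSSEC records and the official NS sets,
#   - delegates everything to the lab server 100.100.1.10 / 2001:db8:a001::10,
#   - adds the lab-only .sns TLD and the 100.in-addr.arpa reverse tree.
#
# The script rewrites /etc/systemd/resolved.conf and /etc/nsd/*, so it must
# only run inside the container/VM being provisioned.
set -e

# Guard variable: refuse to run unless SNSTERGUARD is set and non-empty.
# NOTE(review): presumably exported by the provisioning framework so the
# script cannot be run by accident on a real host -- confirm with the caller.
if [ -z "${SNSTERGUARD:-}" ]; then
  exit 1
fi

DIR=$(dirname -- "$0")
cd -- "$DIR"

#######################################
# Delete every line that mentions a DNSSEC record type from a zone file.
# The NS sets of these zones are replaced below, so the original signatures
# would no longer verify; the zones are therefore served unsigned and cannot
# be validated against the IANA trust anchor.
# The patterns are unanchored: any line containing one of these strings is
# removed, not only records of that type.
# Arguments: $1 - path of the zone file, edited in place
#######################################
strip_dnssec() {
  sed -i \
    -e '/NSEC.*/d' \
    -e '/RRSIG.*/d' \
    -e '/DNSKEY.*/d' \
    -e '/DS.*/d' \
    -- "$1"
}

# disable systemd-resolved which conflicts with nsd
# (append only once so that re-running the script does not duplicate the line)
grep -qxF 'DNSStubListener=no' /etc/systemd/resolved.conf \
  || echo "DNSStubListener=no" >> /etc/systemd/resolved.conf
systemctl stop systemd-resolved

apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y nsd

# get root zone
# Fetched over HTTPS like the arpa zones below: the DNSSEC signatures are
# stripped afterwards, so transport security is the only integrity check left
# on the downloaded data.
wget "https://www.internic.net/domain/root.zone" -O /etc/nsd/root.zone

# customize root zone
# remove official roots
sed -i -e 's/^\.\s.*NS.*[a-m].root-servers.net.*//' /etc/nsd/root.zone

# add alternative milxc root
cat >> /etc/nsd/root.zone <<'EOF'
. 518400 IN NS p.root-servers.net
p.root-servers.net 518400 IN A 100.100.1.10
p.root-servers.net 518400 IN AAAA 2001:db8:a001::10

EOF

# add .sns TLD served by 100.100.20.10
cat >> /etc/nsd/root.zone <<'EOF'
sns. 518400 IN NS ns.sns.
ns.sns. 518400 IN A 100.100.20.10
ns.sns. 518400 IN AAAA 2001:db8:a020::10
EOF

# customize nsd config (this first write truncates any packaged nsd.conf;
# the later zones are appended to it)
#echo -e "server:
#	ip-address: 127.0.0.1
cat > /etc/nsd/nsd.conf <<'EOF'
zone:
	name: "."
	zonefile: "root.zone"

EOF

# Reverse DNS
#sed -i -e 's/^arpa.*//' /etc/nsd/root.zone
#sed -i -e 's/^.\.ns\.arpa.*.*//' /etc/nsd/root.zone

## Root
strip_dnssec /etc/nsd/root.zone
# drop the official arpa delegation and its name-server glue
sed -i -e '/^arpa.*/d' /etc/nsd/root.zone
sed -i -e '/^.\.ns\.arpa.*.*/d' /etc/nsd/root.zone
cat >> /etc/nsd/root.zone <<'EOF'
arpa. 172800 IN NS p.ns.arpa.
p.ns.arpa. 172800 IN A 100.100.1.10
p.ns.arpa. 172800 IN AAAA 2001:db8:a001::10

EOF

## .arpa
wget "https://www.internic.net/domain/arpa.zone" -O /etc/nsd/arpa.zone
strip_dnssec /etc/nsd/arpa.zone
# drop the official apex NS set and the in-addr delegation with its glue
sed -i -e '/^arpa\.\s.*NS.*[a-m].ns.arpa.*/d' /etc/nsd/arpa.zone
sed -i -e '/^in-addr.*/d' /etc/nsd/arpa.zone
sed -i -e '/^.\.in-addr.*/d' /etc/nsd/arpa.zone
cat >> /etc/nsd/arpa.zone <<'EOF'
arpa. 172800 IN NS p.ns.arpa.
p.ns.arpa. 172800 IN A 100.100.1.10
p.ns.arpa. 172800 IN AAAA 2001:db8:a001::10
in-addr.arpa. 172800 IN NS p.in-addr-servers.arpa.
p.in-addr-servers.arpa. 172800 IN A 100.100.1.10
p.in-addr-servers.arpa. 172800 IN AAAA 2001:db8:a001::10

EOF

cat >> /etc/nsd/nsd.conf <<'EOF'
zone:
	name: "arpa."
	zonefile: "arpa.zone"

EOF

## .in-addr.arpa
wget "https://www.internic.net/domain/in-addr.arpa.zone" -O /etc/nsd/in-addr.arpa.zone
# the downloaded SOA is removed here and a replacement is appended below
sed -i -e '/SOA.*/d' /etc/nsd/in-addr.arpa.zone
strip_dnssec /etc/nsd/in-addr.arpa.zone
sed -i -e '/^in-addr\.arpa\.\s.*NS.*[a-m].in-addr-servers.arpa.*/d' /etc/nsd/in-addr.arpa.zone
sed -i -e '/^100.*/d' /etc/nsd/in-addr.arpa.zone
cat >> /etc/nsd/in-addr.arpa.zone <<'EOF'
in-addr.arpa. 172800 IN NS p.ns.in-addr.arpa.
p.ns.in-addr.arpa. 172800 IN A 100.100.1.10
p.ns.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
100.in-addr.arpa. 172800 IN NS p.100.in-addr.arpa.
p.100.in-addr.arpa. 172800 IN A 100.100.1.10
p.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600

EOF

cat >> /etc/nsd/nsd.conf <<'EOF'
zone:
	name: "in-addr.arpa."
	zonefile: "in-addr.arpa.zone"

EOF

# 100.in-addr.arpa
# (written from scratch: this zone is not downloaded)
cat > /etc/nsd/100.in-addr.arpa.zone <<'EOF'
100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
100.in-addr.arpa. 172800 IN NS p.ns.100.in-addr.arpa.
p.ns.100.in-addr.arpa. 172800 IN A 100.100.1.10
p.ns.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
120.100.in-addr.arpa. 172800 IN NS p.120.100.in-addr.arpa.
p.120.100.in-addr.arpa. 172800 IN A 100.120.1.2
p.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:120:1::2

EOF

cat >> /etc/nsd/nsd.conf <<'EOF'
zone:
	name: "100.in-addr.arpa."
	zonefile: "100.in-addr.arpa.zone"

EOF

#
# # 120.100.in-addr.arpa
# echo -e "120.100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
# 120.100.in-addr.arpa. 172800 IN NS p.ns.120.100.in-addr.arpa.
# p.ns.120.100.in-addr.arpa. 172800 IN A 100.100.1.10
# p.ns.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
# 1.120.100.in-addr.arpa. 172800 IN NS p.1.120.100.in-addr.arpa.
# p.1.120.100.in-addr.arpa. 172800 IN A 100.100.1.10
# p.1.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
# " > /etc/nsd/120.100.in-addr.arpa.zone
#
# echo -e "zone:
# 	name: \"120.100.in-addr.arpa.\"
# 	zonefile: \"120.100.in-addr.arpa.zone\"
# " >> /etc/nsd/nsd.conf
#
# # 1.120.100.in-addr.arpa
# echo -e "1.120.100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
# 1.120.100.in-addr.arpa. 172800 IN NS p.ns.1.120.100.in-addr.arpa.
# p.ns.1.120.100.in-addr.arpa. 172800 IN A 100.100.1.10
# p.ns.1.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
# 2.1.120.100.in-addr.arpa. 172800 IN PTR smtp.isp-a.sns.
# " > /etc/nsd/1.120.100.in-addr.arpa.zone
#
# echo -e "zone:
# 	name: \"1.120.100.in-addr.arpa.\"
# 	zonefile: \"1.120.100.in-addr.arpa.zone\"
# " >> /etc/nsd/nsd.conf

# 2.1.120.100.in-addr.arpa. 172800 IN PTR smtp.isp-a.sns
# 100.120.1.2

#service nsd restart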