DNS Zone options
2005090901 ; serial number
5M         ; refresh
1M         ; retry
604800     ; expire
10M        ; minimum TTL
// example.com fragment from named.conf
// defines this server as a zone master
// 192.168.0.2 is a stealth server NOT listed in a NS record
zone "example.com" in {
    type master;
    also-notify {192.168.0.2;};
    file "pri/pri.example.com";
    // enable slaves only
    allow-transfer {192.168.23.1;192.168.23.2;};
};
SLAVE
options {
    directory "/var/named";
    // version statement hides the real version so known weaknesses are harder to target
    version "not currently available";
    // allows notifies only from master
    allow-notify {192.168.0.1;};
    // disables all zone transfer requests
    allow-transfer {"none";};
    // Closed DNS - permits only local IPs to issue recursive queries
    // remove if an Open DNS required to support all users
    // or add additional ranges
    allow-recursion {192.168.3.0/24;};
};
// example.com fragment from named.conf
// defines this server as a zone slave
zone "example.com" in {
    type slave;
    file "sec/sec.example.com";
    masters {192.168.23.17;};
};
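
The fragments above restrict zone transfers, recursion and version disclosure with explicit statements. The following audit script is an added example, not part of the original page or of BIND: it checks a named.conf text for those three statements. The function names, the sample configuration and the policy of requiring explicit ACLs (defaults differ between BIND releases) are assumptions of this example.

```python
import re

# Constructed sample (not from the page): one master zone has no transfer ACL.
SAMPLE = '''
options { directory "/var/named"; allow-recursion {any;}; };
zone "example.com" in { type master; file "pri/pri.example.com"; };
zone "example.net" in {
    type master;
    file "pri/pri.example.net";
    allow-transfer {192.168.23.1;192.168.23.2;};
};
'''

def blocks(conf, keyword):
    """Yield (header, body) for each `keyword ... { body };` clause (brace matched)."""
    for m in re.finditer(r'(?m)^\s*(%s\b[^{;]*)\{' % keyword, conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1).strip(), conf[m.end():i - 1]

def acl(body, statement):
    """Return the address-match list of `statement` as a list, or None if absent."""
    m = re.search(r'\b%s\s*\{([^}]*)\}' % re.escape(statement), body)
    if m is None:
        return None
    return [e.strip().strip('"') for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Return findings; assumed policy: every ACL must be explicit and not `any`."""
    conf = re.sub(r'//[^\n]*|#[^\n]*|/\*.*?\*/', '', conf, flags=re.S)  # drop comments
    findings = []
    opts = next((body for _, body in blocks(conf, 'options')), '')
    if not re.search(r'\bversion\s+"', opts):
        findings.append('options: no version statement')
    rec = acl(opts, 'allow-recursion')
    if rec is None or 'any' in rec:
        findings.append('options: allow-recursion missing or set to any')
    default_xfer = acl(opts, 'allow-transfer')  # inherited by zones without their own
    for header, body in blocks(conf, 'zone'):
        if not re.search(r'\btype\s+(master|primary)\s*;', body):
            continue
        xfer = acl(body, 'allow-transfer')
        if xfer is None:
            xfer = default_xfer
        if xfer is None or 'any' in xfer:
            findings.append('zone %s: allow-transfer missing or set to any' % header.split()[1])
    return findings
```

Calling audit(SAMPLE) reports the missing version statement, the open recursion ACL and the unrestricted example.com zone; example.net passes because it lists its slaves explicitly.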