BIND9 Zone Configuration
Tier 1 Server
Tier 2 Server
/etc/bind/named.conf.local
view "opennic" {
allow-query { any; };
match-clients { any; };
recursion yes;
max-cache-size 30%;
######################################## ROOT OPENNIC
zone "." {
type secondary;
file "/etc/bind/zones/slaves/db.root";
masters { 195.201.99.61; 168.119.153.26; };
allow-transfer { any; };
notify no;
};
######################################## OPENNIC
include "/etc/bind/db.opennic";
######################################## END
};
/etc/bind/db.opennic
#
# OPENNIC Zones
#
zone "opennic.glue" {
type secondary;
file "/etc/bind/zones/slaves/glue.zone";
masters { 195.201.99.61; 168.119.153.26; };
allow-transfer { any; };
notify no;
};
zone "dns.opennic.glue" {
type secondary;
file "/etc/bind/zones/slaves/dns.glue.zone";
masters { 195.201.99.61; 168.119.153.26; };
allow-transfer { any; };
notify no;
};
zone "cyb" {
type secondary;
file "/etc/bind/zones/slaves/cyb.zone";
masters { 161.97.219.84; 104.168.144.17; 163.172.168.171; 178.63.116.152; 209.141.36.19; 188.226.146.136; 198.98.51.33; 79.124.7.81; };
allow-transfer { any; };
notify no;
};
zone "geek" {
type secondary;
file "/etc/bind/zones/slaves/geek.zone";
masters { 161.97.219.84; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 198.98.51.33; 79.124.7.81; 144.76.103.143; };
allow-transfer { any; };
notify no;
};
zone "free" {
type secondary;
file "/etc/bind/zones/slaves/free.zone";
masters { 161.97.219.84; };
allow-transfer { any; };
notify no;
};
zone "indy" {
type secondary;
file "/etc/bind/zones/slaves/indy.zone";
masters { 161.97.219.84; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 198.98.51.33; 79.124.7.81; 144.76.103.143; };
allow-transfer { any; };
notify no;
};
zone "parody" {
type secondary;
file "/etc/bind/zones/slaves/parody.zone";
masters { 161.97.219.84; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 198.98.51.33; 79.124.7.81; 144.76.103.143; };
allow-transfer { any; };
notify no;
};
zone "bbs" {
type secondary;
file "/etc/bind/zones/slaves/bbs.zone";
masters { 161.97.219.84; 104.168.144.17; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 188.226.146.136; };
allow-transfer { any; };
notify no;
};
zone "null" {
type secondary;
file "/etc/bind/zones/slaves/null.zone";
masters { 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 188.226.146.136; };
allow-transfer { any; };
notify no;
};
zone "oss" {
type secondary;
file "/etc/bind/zones/slaves/oss.zone";
masters { 161.97.219.84; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 198.98.51.33; 79.124.7.81; 144.76.103.143; };
allow-transfer { any; };
notify no;
};
zone "ing" {
type secondary;
file "/etc/bind/zones/slaves/ing.zone";
masters { 161.97.219.84; };
allow-transfer { any; };
notify no;
};
zone "dyn" {
type secondary;
file "/etc/bind/zones/slaves/dyn.zone";
masters { 161.97.219.84; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 198.98.51.33; 79.124.7.81; 144.76.103.143; };
allow-transfer { any; };
notify no;
};
zone "gopher" {
type secondary;
file "/etc/bind/zones/slaves/gopher.zone";
masters { 161.97.219.84; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 198.98.51.33; 79.124.7.81; 144.76.103.143; };
allow-transfer { any; };
notify no;
};
zone "micro" {
type secondary;
file "/etc/bind/zones/slaves/micro.zone";
masters { 161.97.219.84; };
allow-transfer { any; };
notify no;
};
zone "neo" {
type secondary;
file "/etc/bind/zones/slaves/neo.zone";
masters { 161.97.219.84; 104.168.144.17; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 188.226.146.136; };
allow-transfer { any; };
notify no;
};
zone "pirate" {
type secondary;
file "/etc/bind/zones/slaves/pirate.zone";
masters { 161.97.219.84; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 198.98.51.33; 79.124.7.81; 144.76.103.143; };
allow-transfer { any; };
notify no;
};
zone "oz" {
type secondary;
file "/etc/bind/zones/slaves/oz.zone";
masters { 161.97.219.84; 104.168.144.17; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 188.226.146.136; 198.98.51.33; 79.124.7.81; };
allow-transfer { any; };
notify no;
};
zone "epic" {
type secondary;
file "/etc/bind/zones/slaves/epic.zone";
masters { 161.97.219.84; };
allow-transfer { any; };
notify no;
};
zone "o" {
type secondary;
file "/etc/bind/zones/slaves/o.zone";
masters { 161.97.219.84; };
allow-transfer { any; };
notify no;
};
zone "chan" {
type secondary;
file "/etc/bind/zones/slaves/chan.zone";
masters { 161.97.219.84; 163.172.168.171; 207.192.71.13; 178.63.116.152; 209.141.36.19; 188.226.146.136; };
allow-transfer { any; };
notify no;
};
zone "libre" {
type secondary;
file "/etc/bind/zones/slaves/libre.zone";
masters { 161.97.219.84; 163.172.168.171; 94.103.153.176; 207.192.71.13; 178.63.116.152; 209.141.36.19; 198.98.51.33; 79.124.7.81; 144.76.103.143; };
allow-transfer { any; };
notify no;
};
#
# PEERED Zones
#
zone "fur" {
type secondary;
file "/etc/bind/zones/slaves/fur.zone";
masters { 178.63.116.152; 161.97.219.84; 163.172.168.171; };
allow-transfer { any; };
notify no;
};
zone "bazar" {
type secondary;
file "/etc/bind/zones/slaves/bazar.zone";
masters { 208.87.98.37; 172.106.88.242; };
allow-transfer { any; };
notify no;
};
zone "coin" {
type secondary;
file "/etc/bind/zones/slaves/coin.zone";
masters { 208.87.98.37; 172.106.88.242; };
allow-transfer { any; };
notify no;
};
zone "emc" {
type secondary;
file "/etc/bind/zones/slaves/emc.zone";
masters { 208.87.98.37; 172.106.88.242; };
allow-transfer { any; };
notify no;
};
zone "lib" {
type secondary;
file "/etc/bind/zones/slaves/lib.zone";
masters { 208.87.98.37; 172.106.88.242; };
allow-transfer { any; };
notify no;
};
Please refer to OpenNic TLDs for information on why the masters are changed in the following:
zone "ku" {
type secondary;
file "/etc/bind/zones/slaves/ku.zone";
masters { 161.97.219.84; };
# 5.45.96.220; 185.82.22.133; };
allow-transfer { any; };
notify no;
};
zone "te" {
type secondary;
file "/etc/bind/zones/slaves/te.zone";
masters { 161.97.219.84; };
# 5.45.96.220; 185.82.22.133; };
allow-transfer { any; };
notify no;
};
zone "ti" {
type secondary;
file "/etc/bind/zones/slaves/ti.zone";
masters { 161.97.219.84; };
# 5.45.96.220; 185.82.22.133; };
allow-transfer { any; };
notify no;
};
zone "uu" {
type secondary;
file "/etc/bind/zones/slaves/uu.zone";
masters { 161.97.219.84; };
# 5.45.96.220; 185.82.22.133; };
allow-transfer { any; };
notify no;
};
zone "ko" {
type secondary;
file "/etc/bind/zones/slaves/ko.zone";
masters { 161.97.219.84; };
# 5.45.96.220; 185.82.22.133; };
allow-transfer { any; };
notify no;
};
zone "rm" {
type secondary;
file "/etc/bind/zones/slaves/rm.zone";
masters { 161.97.219.84; };
# 5.45.96.220; 185.82.22.133; };
allow-transfer { any; };
notify no;
};
Tier 2 Server Configuration Explained
In the zone file the masters of a zone should always be masters of the zone you are serving.
For ease of use the slave zones files are stored in a file within the /etc/bind/zones/slaves/ directory. Make sure bind can access this directory or change the directory to something else (like /etc/bind/name.zone ).
Tier 2 Servers can only be configured to be of type secondary/slave.
Things to consider before starting the named service:
In the view “opennic” 4 settings are made before reading the zone data.
If you don't like to provide open name resolution services to the internet consider changing allow-query and match-clients to fit your needs. 3)
Refer to the BIND9 Configuration Documentation for instructions on how to set up acls and other security measures.
The cache size to be used for OpenNIC Domains can be changed by setting a different max-cache-size value in %.
If clients allowed to query the view “opennic” request recursion, your server will do the lookups required for any domain and reply with an answer. If you would like to change this,
set recursion to no. The server will only reply with an answer to zone data served by the server - by configuration in a zone file.