os:linux:general:splitdns
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
os:linux:general:splitdns [2013/02/26 04:36] – [Configuring ub-split-map] jay | os:linux:general:splitdns [2013/02/26 05:03] – [Wiring Up ub-split-map] jay | ||
---|---|---|---|
Line 63: | Line 63: | ||
==== Wiring Up ub-split-map ===== | ==== Wiring Up ub-split-map ===== | ||
- | First, we'll add the couple of lines needed to get '' | + | First, we'll add the couple of lines needed to get '' |
+ | |||
+ | If you open up ''/ | ||
+ | |||
+ | < | ||
+ | server: | ||
+ | module-config: | ||
+ | |||
+ | # There will probably be a whole lot of stuff here | ||
+ | python: | ||
+ | python-script: | ||
+ | </ | ||
+ | |||
+ | That's it. You are just telling the server, in the //server// section, on the '' | ||
+ | |||
+ | ==== Setting up an internal zone ==== | ||
+ | Here, we'll just set up a simple zone mapping for any internal-only devices you might have. | ||
+ | |||
+ | **IMPORTANT**: | ||
+ | |||
+ | We'll say you want your internal zone to be '' | ||
+ | |||
+ | < | ||
+ | server: | ||
+ | local-zone: example.com typetransparent | ||
+ | include: / | ||
+ | </ | ||
+ | |||
+ | Now, let's set up a "zone file" | ||
+ | |||
+ | === example.com zone file === | ||
+ | As you probably noticed in the previous section, we have an '' | ||
+ | |||
+ | <code bash> | ||
+ | mkdir / | ||
+ | </ | ||
+ | |||
+ | Now, open up ''/ | ||
+ | |||
+ | < | ||
+ | local-data: " | ||
+ | local-data: " | ||
+ | </ | ||
+ | |||
+ | **IMPORTANT**: | ||
+ | |||
+ | You can continue to add as many '' | ||
+ | |||
+ | It should also be noted that you can add other zones with their own zone files. | ||
+ | |||
+ | < | ||
+ | local-data-ptr: | ||
+ | local-data-ptr: | ||
+ | </ | ||
+ | |||
+ | ==== Other unbound.conf stuff ==== | ||
+ | As I noted above, make sure you have the following line in the //server// section of the config: | ||
+ | |||
+ | < | ||
+ | chroot: "" | ||
+ | </ | ||
+ | |||
+ | That will turn **off** the running of unbound in a '' | ||
+ | |||
+ | You will probably need to make other modifications to the '' | ||
+ | |||
+ | ===== You're Done! ===== | ||
+ | That should be it. You should be able to fire up Unbound and test your external to internal IP mappings as well as your internal only lookups. | ||
+ | |||
+ | If you run into any snags that you just can't figure out (and you've RTFM), feel free to shoot me an email with questions at admin@splitstreams.com. |
os/linux/general/splitdns.txt · Last modified: 2013/10/12 19:37 by jay