Hier ist eine Beispielkonfigurationsdatei zu MaraDns, welche ich in der regel immer verwende. Diese Konfiguration nutzt hauptsächlich rekursives DNS und eine lokale Zone.
# Example simplified mararc file.
# The address this DNS server runs on. The IP address "0.0.0.0" binds
# to all addresses that a given machine has; note that this can result
# in problems in certain specialized cases. See the FAQ for details.
bind_address = "10.0.0.254"
# The directory with all of the zone files
chroot_dir = "/etc/maradns"
# The numeric UID MaraDNS will run as
maradns_uid = 99
# The maximum number of threads (or processes, with the zone server)
# MaraDNS is allowed to run
maxprocs = 96
# The number of messages we log to stdout
# 0: No messages except for fatal parsing errors and the legal disclaimer
# 1: Only startup messages logged (default)
# 2: Error queries logged
# 3: All queries logged (but not very verbosely right now)
verbose_level = 1
# Initialize the IP aliases, which are used by the list of root name servers,
# and the ACL of who gets to perform recursive queries
ipv4_alias = {}
# Initialize the csv1 list (a list of zone files)
csv1 = {}
# Here is an example setup which has MaraDNS being authoritative for
# the domain example.com. Change this and add lines if you need to be
# authoritative for other domains.
csv1["badenia.fh-karlsruhe.de."] = "localzone"
# Various sets of root name servers
# Note: Netmasks can exist, but are ignored when specifying root name server
# ICANN: the most common and most controversial root name server
# http://www.icann.org
ipv4_alias["icann"] = "198.41.0.4,128.9.0.107,192.33.4.12,128.8.10.90,192.203.230.10,192.5.5.241,192.112.36.4,128.63.2.53,192.36.148.17,198.41.0.10,193.0.14.129,198.32.64.12,202.12.27.33"
# OSRC: http://www.open-rsc.org/
ipv4_alias["osrc"] = "199.166.24.1,205.189.73.102,199.166.24.3,204.80.125.130,207.126.103.16,195.117.6.10,199.166.31.3,199.166.31.250,199.5.157.128,205.189.73.10,204.57.55.100,213.196.2.97"
# Other root servers are in the full example mararc file, included with the
# MaraDNS distribution
# Recursive ACL: Who is allowd to perform recursive queries.
# With the following line, anyone on the internet can perform recursive
# queries
recursive_acl = "10.0.0.0/24"
# Random seed file: The file form which we read 16 bytes from to get the
# 128-bit random seed. This is ideally a file which is a good source
# of random numbers, but can also be a fixed file if your OS does not have
# a decent random number generator (make sure the contents of that file is
# random and with 600 perms, owned by root, since we read the file *before*
# dropping root privledges)
random_seed_file = "/dev/urandom"
# The maximum number of elements we can have in the cache. If we have more
# elements in the cache than this amount, the "custodian" kicks in to effect,
# removing elements not recently accessed from the cache (8 elements removed
# per query) until we are at the 99% level or so again.
maximum_cache_elements = 1024
# The root servers which we use when making recursive queries.
# The following line must be uncommented to enable recursive queries
#root_servers = {}
# You can choose which set of root servers to use. Current values (set above)
# are: icann, and osrc
# Other alternate registries are listed in the example_full_mararc file
root_servers["."] = "osrc"
# We can also blacklist known spam-friendly DNS servers, so that MaraDNS
# refuses to query known spam-friendly DNS servers
# As of August 12, 2001, azmalink.net is a known spam-friendly DNS
# provider (see doc/detailed/spammers/azmalink.net for details).
# Note that this is based on IPs, and azmalink.net constantly
# changes IPs (as they constantly have to change ISPs)
ipv4_alias["azmalink"] = "206.169.88.7/24"
# As of September 20, 2001, hiddenonline.net is a known spam-friendly
# DNS provider (see doc/detailed/spammers/hiddenonline for details).
ipv4_alias["hiddenonline"] = "65.107.225.0/24"
spammers = "azmalink,hiddenonline"
# And that does it for the caching at this point
upstream_servers = {}
upstream_servers["."] = "193.196.64.1,193.196.125.4"Das Zonefile in /etc/maradns sieht wie folgt aus: (Hier als Beispiel ein Teil der Knoten meines Clusters)
# The SOA record must be first, followed by all authoritative NS # records for this zone. Sbadenia.fh-karlsruhe.de.|86400|badenia.fh-karlsruhe.de.|roja0015@fh-karlsruhe.de.|19771108|7200|3600|604800|1800 Nbadenia.fh-karlsruhe.de.|86400|ns1.badenia.fh-karlsruhe.de. # Some 'IN A' records Ans1.badenia.fh-karlsruhe.de.|86400|10.0.0.254 Agw.%|3600|10.0.0.254 Ajupiter.%|3600|10.0.0.1 Asaturn.%|3600|10.0.0.2 Aneptun.%|3600|10.0.0.3 Asonne.%|3600|10.0.0.4 Amond.%|3600|10.0.0.5 Anode-i686smp-001.%|3600|10.1.1.1 Anode-i686smp-002.%|3600|10.1.1.2 Anode-i686smp-003.%|3600|10.1.1.3 Anode-i686smp-004.%|3600|10.1.1.4 Anode-i686smp-005.%|3600|10.1.1.5 Anode-i686smp-006.%|3600|10.1.1.6 Anode-i686smp-007.%|3600|10.1.1.7 Anode-i686smp-008.%|3600|10.1.1.8 Anode-i686smp-009.%|3600|10.1.1.9 Anode-i686smp-010.%|3600|10.1.1.10 Anode-i686smp-011.%|3600|10.1.1.11 Anode-i686smp-012.%|3600|10.1.1.12 Anode-i686smp-013.%|3600|10.1.1.13 Anode-i686smp-014.%|3600|10.1.1.14 Anode-i686smp-015.%|3600|10.1.1.15 Anode-i686smp-016.%|3600|10.1.1.16 Anode-i686smp-017.%|3600|10.1.1.17 Anode-i686smp-018.%|3600|10.1.1.18 Anode-i686smp-019.%|3600|10.1.1.19 Anode-i686smp-020.%|3600|10.1.1.20
Für eine Liste der DNS Server (rekursiv) der verschiedenen Provider siehe http://www.fli4l.de/german/dns.htm