Hello All,
I believe BIND was installed previously as a caching server, and we're trying to resolve some RBL issues and caching DNS locally, thinking I may want to change my caching server.
I'm not as familiar with PVE as CentOS and needed some guidance to accomplish the following:
1. Identify and remove the existing caching server (based on what I see, it looks like BIND is my reverse)
2. Install the current recommended DNS caching server
I know how to install PowerDNS recursive server (if that's a preferred choice); if not, some instructions/reference would also be appreciated.
Below is what is installed currently, which I'm thinking may not be working well, causing me some false positives with RBLs.
Any assistance/direction appreciated! Thank you!
Code:
bind9-dnsutils/stable,stable-security,now 1:9.16.27-1~deb11u1 amd64 [installed,automatic]
dns-root-data/stable,now 2021011101 all [installed,automatic]
dnsutils/stable,stable-security,now 1:9.16.27-1~deb11u1 all [installed]
libdns-export1104/now 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [installed,local]
libdns-export1110/stable,now 1:9.11.19+dfsg-2.1 amd64 [installed,automatic]
libdns1104/now 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [installed,local]
libdns1110/stable,now 1:9.11.19+dfsg-2.1 amd64 [installed,automatic]
libnet-dns-perl/stable,now 1.29-1 all [installed]
current resolv.conf
Code:
nameserver 127.0.0.1
nameserver 1.1.1.1
nameserver 8.8.4.4
current /etc/default/bind9
Code:
#
# run resolvconf?
RESOLVCONF=no
# startup options for the server
OPTIONS="-u bind -4"
Current /etc/bind/named.conf.options
Code:
acl goodclients {
    localhost;
    localnets;
};
options {
    directory "/var/cache/bind";
    recursion yes;
    allow-query { goodclients; };
    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113
    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    // forwarders {
    //     0.0.0.0;
    // };
    //========================================================================
    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys. See https://www.isc.org/bind-keys
    //========================================================================
    dnssec-validation auto;
    listen-on-v6 { none; };
};