dn42-ansible/dns/named.conf.j2

// vim:set ts=4 sw=4 et:

options {
    directory "/var/named";
    pid-file "/run/named/named.pid";

    // Uncomment these to enable IPv6 connections support
    // IPv4 will still work:
    listen-on-v6 { any; };
    // Add this for no IPv4:
    //  listen-on { none; };

    allow-recursion { 127.0.0.1; ::1; 172.22.161.0/27; fd32:6b0:70a6::/48; {% if inventory_hostname == 'us1.routers.9pfs.dn42' %} 192.168.19.0/24; {% endif %} };
    allow-transfer { fd32:6b0:70a6:53::/64; 127.0.0.1; ::1; 172.22.161.10; fd32:6b0:70a6:3000::1; fd32:6b0:70a6:179::/64; };
    allow-update { none; };
    version none;
    hostname none;
    server-id none;
    validate-except {
        "3.10.in-addr.arpa";
        "ts.net";
        "dn42";
        "20.172.in-addr.arpa";
        "21.172.in-addr.arpa";
        "22.172.in-addr.arpa";
        "23.172.in-addr.arpa";
        "d.f.ip6.arpa";
    };
    empty-zones-enable no;
    ixfr-from-differences yes;
{% if inventory_hostname == 'us1.routers.9pfs.dn42' %}
    notify-source-v6 fd32:6b0:70a6:53::ffff;
{% else %}
    catalog-zones {
        zone "catalog.9pfs.dn42" default-primaries { fd32:6b0:70a6:53::ffff; };
    };
{% endif %}
};

{% if inventory_hostname == 'us1.routers.9pfs.dn42' %}
{% include 'us1-named.conf.j2' %}
{% else %}
zone "catalog.9pfs.dn42" {
    file "catalog.9pfs.dn42.zone";
    type secondary;
    primaries {
        fd32:6b0:70a6:53::ffff;
    };
};

{% endif %}

//zone "example.org" IN {
//    type secondary;
//    file "example.zone";
//    primaries {
//        192.168.1.100;
//    };
//    allow-query { any; };
//    allow-transfer { any; };
//};

//logging {
//    channel xfer-log {
//        file "/var/log/named.log";
//            print-category yes;
//            print-severity yes;
//            severity info;
//        };
//        category xfer-in { xfer-log; };
//        category xfer-out { xfer-log; };
//        category notify { xfer-log; };
//};