Re: Setting up bind - location for includes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On 02/15/2013 12:31 PM, Jay Leafey wrote:
> On 02/15/2013 10:44 AM, Robert Moskowitz wrote:
>> I am setting up bind this time around (just rebuilt my test machine via
>> Kickstart) without chroot.
>>
>> I have a fair number of includes for named.conf; I have two views and
>> other odds and ends.  My thoughts are to make a directory; /etc/named.d
>> to put all these includes into instead of 'dirtying' up /etc. This way
>> the only files I replace/add to /etc are named.conf and rndc.key (I
>> would like to work the latter around to also be in named.d, but this
>> impacts rndc itself).
>>
>> Thoughts on this?  Anyone else have a well segmented named.conf file?
>>
>
> That's my line of thinking too.  I normally have a pretty skeletal 
> named.conf file, with all the heavy-lifting going on in files included 
> from directory /etc/named.d.  It seems to me that a more modular 
> approach minimizes the impact of fat-fingering and generally makes it 
> easier to change out chunks of configuration as needed. 
> (named-checkconf is your friend!)

I just completed setting it up and it is working.  So far.  Do have some 
things to clear up.

I do have a bit in my named.conf, like I have my views defined there 
with skeletal content (including root hints and rfc1912 for internal) 
and an include for the main view content.  I suppose I could go more 
skeletal, but I am taking on enough new stuff right now.

>
> Just for reference, at my place of employment I'm running a "hidden 
> master" server and two separate sets of slaves for internal and 
> external access for about 60 separate forward and reverse zones.  The 
> named.conf file basically consists of a single "options" stanza 
> followed by a series of include statements.  The includes themselves 
> have other files that they include, the tier depth is about four 
> levels deep at most.
>
> So far (knock on head) this has worked out fine for the last 8 years 
> or so.  Before that I was attempting to use a monolithic named.conf 
> file and found it an absolute bear to maintain. Smaller pieces means 
> smaller problems, once you've got the overall framework.
>
> Just my $.02!
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux