diff options
| author | Stephen Smoogen <smooge@redhat.com> | 2016-03-23 22:55:51 +0000 |
|---|---|---|
| committer | Stephen Smoogen <smooge@redhat.com> | 2016-03-23 22:55:51 +0000 |
| commit | 6f81b912fbf8618b0986e4ba575cd82ba7ee9bbc (patch) | |
| tree | e1515f9922d214aa0c6edb69dd23b4aba5f564f1 /roles/dns | |
| parent | 34e0c1941bff6aad268796ef2ebb7a218b48451f (diff) | |
| download | ansible-6f81b912fbf8618b0986e4ba575cd82ba7ee9bbc.tar.gz ansible-6f81b912fbf8618b0986e4ba575cd82ba7ee9bbc.tar.xz ansible-6f81b912fbf8618b0986e4ba575cd82ba7ee9bbc.zip | |
remove unneeded named
Diffstat (limited to 'roles/dns')
| -rw-r--r-- | roles/dns/files/named.conf.data-analysis01.phx2.fedoraproject.org | 216 |
1 files changed, 0 insertions, 216 deletions
diff --git a/roles/dns/files/named.conf.data-analysis01.phx2.fedoraproject.org b/roles/dns/files/named.conf.data-analysis01.phx2.fedoraproject.org deleted file mode 100644 index 87feaffd5..000000000 --- a/roles/dns/files/named.conf.data-analysis01.phx2.fedoraproject.org +++ /dev/null @@ -1,216 +0,0 @@ -// -// named.conf -// -// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS -// server as a caching only nameserver (as a localhost DNS resolver only). -// -// See /usr/share/doc/bind*/sample/ for example named configuration files. -// - -options { - listen-on port 53 { 127.0.0.1; }; - listen-on-v6 port 53 { ::1; }; - directory "/var/named"; - dump-file "/var/named/data/cache_dump.db"; - statistics-file "/var/named/data/named_stats.txt"; - memstatistics-file "/var/named/data/named_mem_stats.txt"; - allow-query { localhost; }; - - /* - - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion. - - If you are building a RECURSIVE (caching) DNS server, you need to enable - recursion. - - If your recursive DNS server has a public IP address, you MUST enable access - control to limit queries to your legitimate users. Failing to do so will - cause your server to become part of large scale DNS amplification - attacks. Implementing BCP38 within your network would greatly - reduce such attack surface - */ - recursion yes; - - dnssec-enable yes; - dnssec-validation yes; - - /* Path to ISC DLV key */ - bindkeys-file "/etc/named.iscdlv.key"; - - managed-keys-directory "/var/named/dynamic"; - - pid-file "/run/named/named.pid"; - session-keyfile "/run/named/session.key"; -}; - -logging { - channel default_debug { - file "data/named.run"; - severity dynamic; - }; -}; - -zone "." IN { - type hint; - file "named.ca"; -}; - -zone "phx2.fedoraproject.org" IN { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "arm.fedoraproject.org" IN { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "ppc.fedoraproject.org" IN { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "cloud.fedoraproject.org" IN { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "mgmt.fedoraproject.org" IN { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "vpn.fedoraproject.org" IN { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "fedoraproject.org" IN { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "getfedora.org" IN { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "fedorainfracloud.org" IN { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - - -zone "78.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "79.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "124.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "125.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "126.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "127.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "128.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "129.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "130.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "131.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "168.192.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.126.21; 10.5.126.22; }; -}; - -zone "redhat.com" { - type forward; - forward only; - forwarders { 10.5.26.20; 10.5.26.21; }; -}; - -zone "88.5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.26.20; 10.5.26.21; }; -}; - -zone "4.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.26.20; 10.5.26.21; }; -}; - -zone "5.10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.26.20; 10.5.26.21; }; -}; - -zone "10.in-addr.arpa" { - type forward; - forward only; - forwarders { 10.5.26.20; 10.5.26.21; }; -}; - -zone "186.132.209.in-addr.arpa." { - type forward; - forward only; - forwarders { 10.5.26.20; 10.5.26.21; }; -}; - - - -include "/etc/named.rfc1912.zones"; -include "/etc/named.root.key"; - |