30.11. Editing Zone Defaults

If you add lots of zones that contain similar records, then it can be a lot of work to add them manually after creating each one. For example, in a web hosting company all of your domains might contain a www Address record for the IP address of your web server and a Mail Server record that directs mail to a central server. Fortunately, Webmin allows you to create a list of records that get added to all new domains, called a zone template.

A template consists of one or more records, each of which has a name, type and value. For Address records, the value can be an option which indicates that it can be entered by the user at zone creation time. This is useful if one of the records (such as www) in the new domains does not have a fixed address, and you want to be able to easily set it when the zone is added. Templates can only be used when creating forward zones, as they do not make much sense for reverse zones.

It is also possible to edit the default expiry, refresh, TTL and retry times for new zones. Webmin's initial defaults are reasonable, but may not be appropriate for your network. To change these defaults and set up template records, the steps to follow are:

1. On the module's main page, click on the Zone Defaults icon. The form at the top of the page labeled Defaults for new master zones contains all the fields that need to be edited.

2. Edit the Refresh time, Transfer retry time, Expiry time and Default time-to-live fields if you want to change the default times for new zones. Existing master zones will not be affected by any changes you make here though.

3. If all your new domains are managed by the same person, enter his address into the Default email address field. This will save you from having to type it in on the master zone creation page every time.

4. In the Template records table, two blank rows appear for entering new records. To add more than two, you will need to save this page and re-edit it. The records in existing rows can be edited by just changing their fields, or deleted by clearing out the record name.

Under the Record name column you must enter the name of the record relative to the zone, such as www or ftp. To create a record for the zone itself (such as a Mail Server record for the domain), just enter a single dot.

Under the Type column, select a type for the record from the list. See Section 30.5 “Record Types” for more information on what each is used for.

As its name suggests, the field under the Value column is for entering a value for the new record. For the Address type, you can select From form, in which case you will be able to enter an address when creating a new domain, which will be used by all template records that have this option selected. For Mail Server records, both the priority and server name must be entered separated by a space, such as 5 mail.example.com. Values for records of all other types should be entered in the same format as is used when adding a record to a zone.

5. If you are familiar with the records file format used by BIND, you can create your own file of records to be included in new zones. If a filename is entered into the Additional template file field, its contents will be added to the zone file created by Webmin for new master domains.

6. When you are done adding template records, click the Save button at the bottom of the page. The changes will apply to any new master zones created from now on.

Now that you have created a template, you can choose whether or not to use it for each new master zone that you create. On the creation form (explained in Section 30.3 “Creating a New Master Zone”) is a field labeled Use zone template?, which is set to Yes by default if there are any template records. Next to it is a field named IP address for template records, which is used for entering the IP for records for which the From form option is selected. If you choose to use a template and there are any records that do not have an IP address specified, then this field must be filled in.

The Zone Defaults page also contains several options that apply to all existing domains, but can all be set or overridden on a per-zone basis as explained in Section 30.6 “Editing a Master Zone”. You can control which clients are allowed to query the server and what kind of checking is done for the records of various domain types. Being able to limit the allowed client hosts is particularly useful, so that you can stop non-internal clients using your DNS server. However, you should make sure that master Internet zones hosted by your server are accessible to everyone, so that other DNS servers on the Internet can look them up.

To change these global options, the steps to follow are:

1. On the module's main page, click on the Zone Defaults icon and scroll down to the Default zone settings section.

2. To control which hosts are allowed to query your DNS server, change the Allow queries from field to Listed and enter a list of IP addresses, IP networks (like 192.168.1.0/24) and ACL names into the text box below. Clients that do not match any entry on the list will be denied, unless they are requesting a record in a zone which has its own separate settings allowing them.

3. To control which hosts are allowed to perform zone transfers from your server, change the Allow transfers from field to Listed and fill in the text box below with a list of IP addresses, IP networks and ACL names. Only servers that are acting as secondaries for zones that this server hosts really need to be able to do transfers, so it is usually a good idea to enter just their IP addresses. If you are restricting queries, this field must be filled in so that hosts that cannot look up records are not allowed to perform transfers either.

4. The fields Check names in master zones? and Check names in slave zones? control the checking of records in all zone files for master and slave zones respectively. The available options for each are:

Warn: If an invalid record is found, an error will be written to the system log file, but processing of other records continues normally.

Fail: Invalid records cause the entire zone to be rejected, but other zones will still be processed normally.

Ignore: No checking is done at all.

Default: The default checking level is used, which is Fail.

5. To have BIND check responses that it receives from other DNS servers, set the Check names in responses? field to Warn or Fail. The default is simply to pass potentially erroneous responses on to clients.

6. The Notify slaves of changes? field determines whether BIND sends a notification to all slaves of master zones hosted by this server when they change. To turn this on, select Yes. Otherwise, select No or Default. Enabling notification is a good idea, as it ensures that secondary servers are kept in sync with the master.

7. When done, click the Save button at the bottom of the page to update the BIND configuration file and then the Apply Changes button on the module's main page to make the changes active. The new settings will apply to all zones that do not explicitly override them on their own options pages.
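
The access rules from steps 2 and 3, and the earlier advice that Internet-facing master zones must stay queryable by everyone, can be checked against the saved configuration. The Python sketch below is an added example, not part of Webmin or the original text. It assumes the two fields are stored as BIND's allow-query and allow-transfer statements with flat address lists, and the sample named.conf, its zone names and its addresses are constructed.

```python
import re

# Constructed named.conf: queries are limited to internal clients, no transfer
# list is set globally, and one master zone has no per-zone override.
SAMPLE = '''
options {
    allow-query { 127.0.0.1; 192.168.1.0/24; };
    notify yes;
};
zone "example.com" { type master; file "example.com.hosts"; };
zone "example.net" {
    type master; file "example.net.hosts";
    allow-query { any; };
    allow-transfer { 192.0.2.53; };
};
'''

def blocks(conf, keyword):
    """Yield (label, body) for each `keyword [label] { ... }` that starts a line."""
    for m in re.finditer(r'^\s*' + keyword + r'\b([^{;]*)\{', conf, re.M):
        depth, i = 1, m.end()
        while depth and i < len(conf):          # walk to the matching brace
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1).strip().strip('"'), conf[m.end():i - 1]

def match_list(body, directive):
    """Entries of `directive { a; b; };` (flat lists only), or None if absent."""
    m = re.search(r'\b' + directive + r'\s*\{([^}]*)\}', body)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Return findings for the query/transfer rules described in the steps above."""
    opts = next((body for _, body in blocks(conf, 'options')), '')
    queries = match_list(opts, 'allow-query')
    restricted = queries is not None and 'any' not in queries
    findings = []
    if restricted and match_list(opts, 'allow-transfer') is None:
        findings.append('options: allow-query is listed but allow-transfer is not')
    for name, body in blocks(conf, 'zone'):
        if not re.search(r'\btype\s+(master|primary)\s*;', body):
            continue
        if restricted and match_list(body, 'allow-query') is None:
            findings.append(name + ': inherits the restricted allow-query list')
        if match_list(opts + body, 'allow-transfer') is None:
            findings.append(name + ': no allow-transfer list applies')
    return findings
```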
