Friday, August 1, 2014

DNS configuration file

By default, BIND reads its configuration from /etc/named.conf.
The location of this file is good and bad at the same time.
It's good because it is in a standard UNIX location.
It's bad because it is not in a dedicated directory, so the configuration ends up spread between /etc and the zone data under /var/named.
 
In order to simplify administration it is better to dedicate a more stable directory and to decouple, as much as possible, the configuration details that change frequently (DNS zone data) from those that don't, such as global options.
 
Consider all the assumptions presented in my DNS configuration.
There are two scenarios, one of them specific to a DNS internal root.
 
I) The DNS internal root main configuration file could be:
    (This is for internal root servers A, B, C and D.)
 
#
#       Business Corp.
#
#       DNS internal root main configuration file.
#       Global options should be gathered on this file.
#       last update:  August 1, 2014.
#

options {
  version none;             # do not answer version.bind CHAOS queries
  directory "/var/named";   # relative "file" and "include" paths resolve here
  recursion no;             # a root server only answers for what it holds;
                            # "recursion" is an options-level statement,
                            # it is not accepted inside a zone block
  # ...
};

# Internal root.
zone "." in {
  type master;
  file "db.root";
};

# Loopback zone.
zone "0.0.127.in-addr.arpa." in {
  type master;
  file "db.127.0.0";

  notify no;
};

# End of File.

II) The internal DNS server main configuration file could be:
    (This is for internal top-level servers NS00, NS01 and NS02.)

#
#       Business Corp.
#
#       DNS internal server main configuration file.
#       Global options should be gathered on this file.
#       last update:  August 1, 2014.
#

options {
  version none;             # do not answer version.bind CHAOS queries
  directory "/var/named";   # relative "file" and "include" paths resolve here
  recursion no;             # options-level statement, not a zone option.
                            # Note: a hint zone is only consulted when the
                            # server recurses toward the root; if these
                            # servers must not recurse, the hints are unused.
  # ...
};

# Internal root hints (how to reach A, B, C and D).
zone "." in {
  type hint;
  file "db.cache";
};

# Loopback zone.
zone "0.0.127.in-addr.arpa." in {
  type master;
  file "db.127.0.0";

  notify no;
};

# Zone data (changed more frequently).
# Relative to the "directory" option, so this is /var/named/named.zones.
include "named.zones";

# End of File.

Once I'm satisfied with the global options this file won't change.
This is precisely my intention: day-to-day administration limited to /var/named.

The file /var/named/named.zones will in turn contain other nested includes,
most probably (or ideally) one additional include file per zone.
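To show the resulting include tree and the check an administrator wants before a reload, here is an added example (not code from the original post). It assumes the layout described above: a top-level named.conf whose directory option points at /var/named, an include "named.zones"; that pulls in one file per zone, and zone names (corp., 10.in-addr.arpa.) that are made up for the example. The script builds that tree in a temporary directory, resolves every relative include and file path the way BIND does (against the directory option), lists the zones it finds, and reports two things worth catching: a zone file that does not exist, and an include that reaches outside /var/named, which would defeat the purpose of keeping administration in one place.

```python
"""Walk a BIND include tree and audit the zone layout described above.

Added example, not code from the original post. Paths, zone names and file
contents are constructed here in a temporary directory.
"""
import os
import re
import tempfile

INCLUDE_RE = re.compile(r'^\s*include\s+"([^"]+)"\s*;', re.M)      # include "path";
DIRECTORY_RE = re.compile(r'^\s*directory\s+"([^"]+)"\s*;', re.M)  # directory "path";
ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s*(?:in\s+)?\{(.*?)\};', re.S | re.I)
TYPE_RE = re.compile(r'\btype\s+(\w+)\s*;')
FILE_RE = re.compile(r'\bfile\s+"([^"]+)"\s*;')


def strip_comments(text):
    """Drop /* */, # and // comments so commented-out statements are ignored."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(#|//).*', '', text)


def resolve(path, directory):
    """BIND resolves relative "file" and "include" paths against "directory"."""
    return path if os.path.isabs(path) else os.path.join(directory, path)


def load_config(conf_path, directory=None, seen=None, included=None):
    """Return (directory, text, included_paths) for conf_path plus every include."""
    seen = set() if seen is None else seen
    included = [] if included is None else included
    real = os.path.realpath(conf_path)
    if real in seen:
        raise ValueError("include loop at %s" % conf_path)
    seen.add(real)
    with open(conf_path) as fh:
        text = strip_comments(fh.read())
    if directory is None:  # the directory option lives in the top-level file
        m = DIRECTORY_RE.search(text)
        directory = m.group(1) if m else os.path.dirname(real)
    parts = [text]
    for inc in INCLUDE_RE.findall(text):
        sub_path = resolve(inc, directory)
        included.append(os.path.realpath(sub_path))
        _, sub_text, _ = load_config(sub_path, directory, seen, included)
        parts.append(sub_text)
    return directory, "\n".join(parts), included


def audit(conf_path):
    """List (name, type, file) per zone and report missing zone files and
    includes that reach outside the directory option."""
    directory, text, included = load_config(conf_path)
    top = os.path.realpath(directory)
    problems = []
    for path in included:
        if os.path.commonpath([path, top]) != top:
            problems.append("include outside %s: %s" % (directory, path))
    zones = []
    for name, body in ZONE_RE.findall(text):
        ztype = TYPE_RE.search(body)
        zfile = FILE_RE.search(body)
        ztype = ztype.group(1).lower() if ztype else None
        zfile = zfile.group(1) if zfile else None
        if zfile and not os.path.isfile(resolve(zfile, directory)):
            problems.append("zone %s: file %s missing" % (name, resolve(zfile, directory)))
        zones.append((name, ztype, zfile))
    return directory, zones, problems


def build_sample_tree():
    """Construct the post's layout in a temp dir (sample data, not real files).
    db.10 is deliberately left out so the audit has something to report."""
    root = tempfile.mkdtemp()
    etc = os.path.join(root, "etc")
    vn = os.path.join(root, "var", "named")
    os.makedirs(etc)
    os.makedirs(os.path.join(vn, "zones"))
    files = {
        os.path.join(etc, "named.conf"):
            'options {\n  version none;\n  directory "%s";\n  recursion no;\n};\n'
            'zone "." in {\n  type hint;\n  file "db.cache";\n};\n'
            'zone "0.0.127.in-addr.arpa." in {\n  type master;\n'
            '  file "db.127.0.0";\n  notify no;\n};\n'
            '# Zone data (changed more often)\ninclude "named.zones";\n' % vn,
        os.path.join(vn, "named.zones"):
            '# One include per zone.\ninclude "zones/corp.conf";\n'
            'include "zones/10.conf";\n',
        os.path.join(vn, "zones", "corp.conf"):
            'zone "corp." in {\n  type master;\n  file "db.corp";\n};\n',
        os.path.join(vn, "zones", "10.conf"):
            'zone "10.in-addr.arpa." in {\n  type master;\n  file "db.10";\n};\n',
        os.path.join(vn, "db.cache"): ";; root hints\n",
        os.path.join(vn, "db.127.0.0"): ";; loopback\n",
        os.path.join(vn, "db.corp"): ";; corp zone\n",
    }
    for path, body in files.items():
        with open(path, "w") as fh:
            fh.write(body)
    return os.path.join(etc, "named.conf")


if __name__ == "__main__":
    directory, zones, problems = audit(build_sample_tree())
    print("directory:", directory)
    for z in zones:
        print("zone %-24s type=%-6s file=%s" % z)
    for p in problems:
        print("PROBLEM:", p)
```

On a real host, point audit() at /etc/named.conf instead of the constructed tree; it is a pre-reload sanity check on the layout only and does not replace named-checkconf, which validates the full BIND syntax.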