====== Ejemplos ======

===== DNS cache =====
Instalamos Bind9 con
<code bash>
apt install bind9
</code>
Editamos el archivos de bind
<code bash>
nano /etc/bind/named.conf.options 
</code>
Agregamos la ACL de los buenos clientes y sy respectiva configuración
<code>
acl goodclients {
  192.168.0.0/24;
  localhost;
  localnets; 

};

options {
  directory "/var/cache/bind";
  recursive yes;
  allow-query { goodclients; };
  allow-query-cache { goodclients; };
  allow-recursion { goodclients; };
  forwarders {
    0.0.0.0;
    8.8.8.8;
    8.8.4.4;
  };
  .
  .
  .
};
</code>
===== DNS con dominio interno/externo =====
Instalamos Bind9 con
<code bash>
apt install bind9
</code>
Creamos los directorios donde estarán nuestras zonas
<code bash>
mkdir /etc/bind/internal /etc/bind/external 
</code>
Creamos los archivos de nuestras zonas
<code bash>
cp /etc/bind/db.empty  /etc/bind/internal/db.example.com /etc/bind/external/db.example.com
</code>
Verificamos el contenido de nuestra zona externa
<code bash>

cat /etc/bind/external/db.example.com

; BIND reverse data file for empty rfc1918 zone
;
; DO NOT EDIT THIS FILE - it is used for multiple zones.
; Instead, copy it, edit named.conf, and use that copy.
;
$TTL    86400
@       IN      SOA     example.com. root.example.com. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                          86400 )       ; Negative Cache TTL
;
ns      IN      A       192.168.0.102
@       IN      NS      ns
@       IN      A       192.168.0.1
www     IN      A       192.168.0.200
</code>

Verificamos el contenido de nuestra zona interna
<code bash>
cat /etc/bind/internal/db.example.com

; BIND reverse data file for empty rfc1918 zone
;
; DO NOT EDIT THIS FILE - it is used for multiple zones.
; Instead, copy it, edit named.conf, and use that copy.
;
$TTL    86400
@       IN      SOA     example.com. root.example.com. (
                              1         ; Serial
                         604800 ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                          86400 )       ; Negative Cache TTL
;
@       IN      A       127.0.0.1
@       IN      NS      example.com.
www     IN      A       127.0.0.10

</code>

Agregamos las zonas a Bind9

<code bash>
cat /etc/bind/named.conf.local
</code>


<code>
acl internalacl {
 localhost;
};
view "internal" {
  match-clients {internalacl;};
  allow-query {internalacl;};
  
  zone "example.com" {
     type master;
     file "/etc/bind/internal/db.example.com";
  };
};

view "external" {
  match-clients {any;};
  allow-query {any;};
  
  zone "example.com" {
     type master;
     file "/etc/bind/external/db.example.com";
  };
};
</code>

Agregar a views las demas zonas:
<code bash>
nano /etc/bind/named.conf.default-zones
</code>
Debe quedar algo como
<code bash>
cat /etc/bind/named.conf.default-zones

view "all" {
match-clients {any;};
.
.
.
ZONAS POR DEFECTO
.
.
};
</code>
Verificamos la configuración de bind
<code bash>
named-checkconf
</code>
Verificamos la configuracion de nuestas zonas internas y externas
<code bash>
named-checkconf example.com /etc/bind/internal/db.example.com
named-checkconf example.com /etc/bind/external/db.example.com
</code>
Reiniciamos el servicio y observamos los logs
<code bash>
systemctl  restart bind9
tail -n 20 /var/log/syslog
</code>
Referencias:
  * https://www.howtoforge.com/two_in_one_dns_bind9_views
  * https://www.zytrax.com/books/dns/ch7/view.html
  *